Epicenter

Epicenter K, also known simply as Epicenter, is an organisation headquartered in Ukraine. The entity operates under these two aliases in open-source references. Its headquarters location places it within the Ukrainian jurisdiction. No further details about its core products, services, or market scope are provided in the source material. Consequently, the organisation's specific industrial focus remains unspecified based on the available information.

The organisation is referenced in a Known Incidents overview concerning the 2017 Petya.A ransomware attack. According to the overview, Petya.A was a cryptoworm that targeted Ukrainian infrastructure on June 27, 2017. The malware disrupted government systems, banks, energy providers, media outlets, transport services, and critical enterprises. Initial infection vectors included mass phishing emails and exploitation of Windows vulnerabilities. Petya.A encrypted entire hard drive partitions and demanded Bitcoin payments for decryption. The worm spread rapidly using the EternalBlue exploit and tools such as psexec.exe. Its propagation caused widespread operational paralysis, including ATM failures, payment system outages, airport disruptions, and radiation monitoring failures at the Chornobyl site. The impact extended beyond Ukraine, affecting international entities such as Maersk, Rosneft, and Cadbury. The overview notes that the initial infections were traced to compromised Ukrainian accounting software. This incident highlights the cross‑border reach of the threat despite Ukraine being the primary target.