Expert finds more North Korea links in ransomware attack

Terry Joseph
May 17, 2017

"Neel Mehta's discovery is the most significant clue to date regarding the origins of WannaCrypt", Kaspersky Lab added.

"Kaspersky Lab' GReAT researchers analyzed this information, identified and confirmed clear code similarities between the malware sample highlighted by the Google researcher and the malware samples used by the Lazarus group in 2015 attacks", said the firm.

A North Korean hacking group is being investigated over the WannaCry ransomware attack - the biggest in history. He said it was too early to tell how many websites had been affected.

"We are open to investigate in all directions, but we don't speculate and we can not confirm this. It's still too early to say anything", said senior agency spokesman, Jan Op Gen Oorth. So, if the country conducted this recent one, it would not come as a surprise.

Symantec and Kaspersky Lab agreed with Mehta's findings that hint at some sort of connection between WannaCry and North Korea.

A group with ties to North Korea is thought to be responsible for a series of attacks on financial institutions.

Europol said the situation was "stable" after attacks that struck computers in British hospital wards, European vehicle factories and Russian banks.

But although there were thousands of additional infections there, the expected second-wave outbreak largely failed to materialize, in part because security researchers had already defanged it.

In addition to Russia, China and India have blamed the USA government for developing the original code.

The virus which originates from Windows vulnerability built and developed from the U.S National Security Agency, is a probable work of unsophisticated hackers.

While the attacks have raised concerns for cyber authorities and end-users worldwide, they have helped cybersecurity stocks as investors bet governments and corporations will spend more to upgrade their defences.

Nadal takes Madrid title
The first game of the second set suggested not: two dire misses and it was break point, and a netted forehand finished it off. He also beat Thiem in the Barcelona title match . "Hopefully I'll have another good result in Rome ".

Trump to mend ties with Erdogan at White House meet
District Judge Berman has questioned whether his work with Zarrab would make the defendant less likely to pursue such options. Trump made news last month by phoning Erdogan to congratulate him on a referendum in Turkey that furthered Erdogan's power.

Trump pays tribute to fallen police officers
Authorities say 143 law enforcement officers died in the line of duty past year throughout the country. Sessions promised law enforcement he would "have their backs", as he leads the Justice Department.

Speaking at a news conference after an economic conference in China, Russian President Vladi¬mir Putin told journalists that Russia "had nothing to do" with the WannaCry virus.

"Once they're let out of the lamp, genies of this kind, especially those created by intelligence services, can later do damage to their authors and creators", he said.

"I'm afraid that there may be more attacks down the road using the rest of the tools leaked in April", he said.

USA package delivery giant FedEx, Spanish telecoms giant Telefonica and Germany's Deutsche Bahn rail network were among those hit.

The news agency says there have been no reported incidents of the ransomware affecting government agencies.

The "WannaCry" malware virus functioned by encrypting user data, effectively barring access and demanding a ransom of between $300 and $600 in the digital currency bitcoin.

Bossert said that paying the ransom provided no guarantee files would be unlocked.

Finally, if the plan was simply to make money, it's been pretty unsuccessful on that front too - only around United States dollars 60,000 has been paid in ransoms, according to analysis of Bitcoin accounts being used by the criminals.

Jonathan Levin of Chainalysis, which monitors bitcoin payments, said there were other differences compared to most ransomware campaigns: for instance the lack of sophisticated methods used in previous cases to convince victims to pay up.

The NSA used the Microsoft flaw to build a hacking tool codenamed EternalBlue that ended up in the hands of a mysterious group called the Shadow Brokers, which then published that and other such tools online.

Other reports by Free-Prsite

Discuss This Article