WannaCry Attack Codes Linked With North Korea
After holding many organisations for ransom in over 150 countries finally, we come to know the origins of the attack might be linked to alleged hackers from North Korea. The suspicions about the north Korean angle sparked when on Monday well-known security expert from Google Mr Neel Mehta revealed the similarity between the codes used in previous versions of WannaCry ransomware and that in a hacker tool used by Lazarus Group in a Twitter post.
9c7c7149387a1c79679a87dd1ba755bc @ 0x402560, 0x40F598
ac21c8ad899727137c4b94458d7aa8d8 @ 0x10004ba0, 0x10012AA4#WannaCryptAttribution
— Neel Mehta (@neelmehta) May 15, 2017
Speaking to online media Security expert Prof Alan Woodward pointed out the timestamps within the original WannaCry code were set to UTC +9 – China’s Time zone and the text demanding the ransom used what looks like machine translated English is, in fact, Chinese written by a native speaker.
Prof Woodward said – “As you can see it’s pretty thin and all circumstantial, However, it’s worth further investigation.”
Russian President Vladimir Putin during his visit to Beijing on Sunday urged the international community to offer coordinated response to the cybersecurity threats at the highest political level and showed his displeasure on US’s refusal to discuss the issue with Russia. He also had a different side to the WannaCry issue where he said – “Microsoft’s management has made it clear that the virus originated from US intelligence services.”
Slowly but surely the effects of the ransomware are wearing out. Marcus Hutchins a 22 year old security expert speaking to media said – “The attack is “done and dusted” thanks to the accumulated effort of hundreds of specialists over the weekend”
Share on FacebookShare on Twitter