Published: Tue, May 23, 2017
Hi-Tech | By Grace Becker

WannaCry ransomware: Cyber attack eases, hacking group threatens to sell code

WannaCry ransomware: Cyber attack eases, hacking group threatens to sell code

Three computer security companies, Symantec, Kapersky and Hauri, have said the WannaCry software appears to share code used by hacking groups linked to North Korea which attacked South Korean banks, TV stations and Sony in the past.

Simon Choi, a senior researcher at South Korea's Huari Labs who advises South Korean police and intelligence officials, said WannaCry's code "is similar to North Korea's backdoor malicious codes".

North Korea on Tuesday released a detailed report on the global WannaCry ransomware attack, but kept mum about worldwide suspicions that it might have been behind the destructive hacking.

"We are talking about a possibility, not that this was done by North Korea", Choi said.

"This is the best clue we have seen to date as to the origins of WannaCry", Kurt Baumgartner, a researcher at Kaspersky Lab, told Reuters.

Some suspect a group known as Lazarus, believed to be a mixture of North Korean hackers operating in tandem with Chinese "cyber mercenaries". "The Lazarus tools could potentially have been used as method of propagating WannaCry, but this is unconfirmed". However, he also said that it's too early to blame North Korea for the cyberattack, based on these assumptions.

The New York Times reports that USA government officials have seen the similarities between WannaCry and the weapons employed in previous cyber attacks linked to North Korea, including the Sony hack, an assault on the central bank of Bangladesh past year, and an attack on Polish banks in February. While these connections exist, they so far only represent weak connections.

Lazarus is believed to operate from China-for North Korea.

Warriors' Zaza Pachulia (heel) out; Andre Iguodala will play in Game 4
Zaza Pachulia missed the game and was not on the bench after bruising his right heel during the first quarter of Game 2 . Jonathon Simmons added 14 points, and Pau Gasol contributed 12 points and 10 rebounds for San Antonio .

WannaCry, developed in part with hacking techniques that were either stolen or leaked from the U.S. National Security Agency, has infected more than 300,000 computers since Friday, locking up their data and demanding a ransom payment to release it.

Security researchers have flagged a possible link between North Korea and the massive cyberattack that hit at least 150 countries around the world.

"This can be an attempt to cover traces conducted by orchestrators of the WannaCry campaign".

"For now, more research is required into older versions of Wannacry".

WannaCry has been characterized as a sloppy attack with poor money handling on the ransom end, putting an nearly absurdly small sum in the hackers' Bitcoin account compared to the scale of global havoc they have inflicted.

Cisco Systems closed up 2.3 percent and was the second-biggest gainer in the Dow Jones Industrial Average, as investors focused more on opportunities that the attack presented for technology firms than the risk it posed to corporations.

James Lewis, a cybersecurity expert at the Center for Strategic and International Studies in Washington, said USA investigators are collecting forensic information - such as internet addresses, samples of malware or information the culprits might have inadvertently left on computers - that could be matched with the handiwork of known hackers.

Like this: