Google Researcher Finds Link Betwixt Wannacry Attacks Together With Northward Korea

So far, nobody had an sentiment that who was behind WannaCry ransomware attacks?

But instantly in that place is a clue that lies inward the code.

Neel Mehta, a safety researcher at Google, found prove that suggests the WannaCry ransomware, that infected 300,000 machines inward 150 countries over the weekend, is linked to a state-sponsored hacking grouping inward North Korea, known for cyber attacks against South Korean organizations.

What's Happening? What is WannaCry?

This is the 5th twenty-four hr menstruation since the WannaCry ransomware gear upward on surfaced, that leverages a critical Windows SMB exploit as well as nonetheless infecting machines across the footing using newly released variants that don't convey whatever "kill switch" ability.

In case, if yous convey landed on WannaCry floor for the initiative of all time, as well as don’t know what’s going on, yous are advised to equally good read this simple, summarized, but detailed explanation:

WannaCry: What Has Happened So Far & How to protect your PCs

WannaCry: First Nation-State Powered Ransomware?

Neel discovered that the code flora inward the WannaCry malware—one that initiative of all surfaced inward February—was identical to the code used inward an early on 2015 version of Cantopee, a malicious backdoor developed past times Lazarus Group, believed to live on a state-sponsored hacking grouping linked to the North Korean government.

Security researchers from DarkSeoul operation, the devastating 2014 Sony Pictures Hack, as well as the 2016 Bangladesh $81 Million banking concern heist.

However, this finding is non yet sufficient to link the Lazarus Group to WannaCry, because it is possible that WannaCry authors may convey purposely copied code from Lazarus' backdoor computer program inward an elbow grease to mislead researchers as well as police delineate enforcement equally they investigate.

"We believe that in that place are sufficient connections to warrant farther investigation. We volition proceed to portion farther details of our enquiry equally it unfolds," says Symantec, the safety theatre which has tracked the Lazarus over recent years.

Agreeing to the same, Matt Suiche from Comaeio said:

"The attribution to Lazarus Group would brand feel regarding their narrative which inward the past times was dominated past times infiltrating fiscal institutions inward the finish of stealing money. If validated, this agency the latest iteration of WannaCry would, inward fact, live on the initiative of all acre state powered ransomware."

Is the WannaCry Attack Over? *NO*

Absolutely Not; this is merely the beginning.

Security researchers convey discovered to a greater extent than or less novel variants of this ransomware, which could non live on stopped past times the kill switch, as well as thus yous are advised to brand certain yous convey applied the patch for SMB vulnerability as well as disabled SMBv1 protocol to maintain your Windows computers condom from WannaCry as well as other like attacks.

The WannaCry attackers ask ransom fees betwixt $300 to $600 to costless the hijacked data. The iii bitcoin wallets tied to #WannaCry ransomware convey received 225 payments totaling 35.98003282 BTC (approx. $60,000) from ransomware victims.

Share This :