• Motorburn
      Because cars are gadgets
    • Gearburn
      Incisive reviews for the gadget obsessed
    • Ventureburn
      Startup news for emerging markets
    • Jobsburn
      Digital industry jobs for the anti 9 to 5!

Could WannaCry ransomware be linked to North Korea?

WannaCry, the ransomware package that wreaked havoc across the world’s Windows machinery this past weekend, might have links to North Korea, security experts revealed.

The ransomware swept across the world last Friday, infecting over a quarter-million Windows machines across 150 countries. It remains a threat, but infection rates have somewhat slowed.

According to a report published by Reuters, South Korean security researchers found coding similarities in WannaCry’s earlier versions, and a different malware used by the Lazarus Group — a hacking collective with ties to North Korea.

These findings have also been noted by Google security researcher Neel Mehta, Symantec and Kaspersky.

The similarities suggest that the two wares could have a common creator, in this case, the Lazarus Group.

The Lazarus Group isn’t exactly a newcomer to the cybercrime space. The collective is known for hacking Sony Pictures back in 2014, just prior to the release of the The Interview starring Seth Rogan and James Franco. The movie poked fun at US-North Korean relations, and the country’s leader Kim Jong-Un.

WannaCry, and a previous batch of code in malware used by the Lazarus Group, boast some notably similarities

While leaking the movie ahead of its theatrical release, the hack also exposed a slew of sensitive company data including executive salaries, other unreleased Sony Pictures properties and employee personal information.

The United States also tied the Sony hack to North Korea.

The Lazarus Group is also known for carrying out a number of financial attacks across at least 18 countries. In 2016, the group stole US$81-million from the Central Bank of Bangladesh in one of its more infamous offenses.

Although the research is well underway, security firms and governments are not ready to implicate North Korea in the WannaCry attack, but they aren’t ruling it out.

“For now, more research is required into older versions of Wannacry,” security firm Kaspersky wrote in a blog.

“We believe this might hold the key to solve some of the mysteries around this attack. One thing is for sure — Neel Mehta’s discovery is the most significant clue to date regarding the origins of Wannacry.”

Feature image: (stephan) via Flickr (CC 2.0, resized)

Author | Andy Walker: Editor

Andy Walker: Editor
Camper by day, run-and-gunner by night, Andy prefers his toast like his coffee -- dark and crunchy. Specialising in spotting the next big Instagram cat star, Andy also dabbles in smartphone, gadget and game reviews over on Gearburn. More

More in Security

WannaCry ransomware infects a quarter million computers in 150 countries

Read More »