The WannaCry ransomware has mysterious ties to North Korea

Researchers at Kaspersky Lab have uncovered new evidence linking the WannaCry ransomware code to North Korea. In a post today, the group detailed a segment of code used in both an early WannaCry variant and a February 2015 sample attributed to the Lazarus Group, a Kaspersky-tracked actor tied to the North Korean government. The overlap was first spotted by Google researcher Neal Mehta, and Kaspersky believes the similarity goes far beyond shared code.

“We strongly believe the February 2017 sample was compiled by the same people,” Kaspersky writes, “or by people with access to the same source code as the May 2017 WannaCry encryptor used in the May 11th wave of attacks.”

Read More

I think there is a possibility of more cyberattacks in the future from North Korea launching huge cyberattacks to make money online, or disrupting other countries by using ransomware, viruses, and hackers to hold people's files and computers for ransom.

The first recent big cyberattack from North Korea was when North Korea hacked Sony.

Demon_Skeith said:

Going to need some hard evidence before we point fingers at NK, which I find it hard to believe they can actually do something like this when their only internet comes through a route through China.

Click to expand...

The article says the WannaCry is similar to a ransomware which a North Korean previously created, but didn't say who launched the attack.

It is possible that a North Korean programmer can create ransomware since a lot of ransomware are based on other ransomware, virus and malware programs. But, new ransomware may use stronger file encryption, a different decryption key, and the code and program is modified and renamed, so most popular antivirus, antimalware, and antiransomware programs can't detect it, and won't stop the ransomware before it opens, and encrypts all its victims' files.

Ransomware attacks can start offline. Criminals can throw hundreds of USB flash drives infected with ransomware on the streets around the world, and hoping a less tech savvy victim plugs in the drive to see what is inside, and when they plug in the USB drive, their PC gets infected, and starts sending spam e-mail with the ransomware link to their friends and family e-mail addresses. There are viruses, and ransomware which also find victims' contact list in e-mail clients, and other programs, and the ransomware forwards the same message by e-mail, instant messages, and social network messages to other people on the users' contact list.

Demon_Skeith said:

opps, thats what I get for reading that late at night

But anyways, seems ransomware is on a mounting attack these days.

Click to expand...

I agree Ransomware seems to be the a very popular type of attack these days.

Hopefully, USB flash drive and SD card factories are not hacked, or have criminal employees who load ransomware onto storage drives to infect storage drive buyers.

I think Physical storage like Disc, memory cards, and cartridges will make a comeback if ransomware makers attack a lot more devices like smart tvs, smartphones, tablets, smart appliances, game consoles like the Xbox One, PS4, and Nintendo Switch which sell a lot of Digital Downloaded games which are stored on a hard drive or SSD which is vulnerable to Ransomware because hard drives and SSDs are not read-only where users and programs can't modify data or encrypt it with ransomware.

A lot of gamers would be angry if they found out their 2TBs of downloaded games is encrypted by ransomware, and PSN and Xbox Live's website/server also got hit by ransomware where they can't re-download their games until they pay a ransom, and hope the maker of the ransomware gives them a key to unlock their games.