“More evidence that North Korea is behind WannaCry-ransomware is
Security researchers have new and convincing evidence that the Lazarus Group, a computer hacker group that for the North Korean state does, behind the large-scale spread of the ransomware WannaCry.
Already been similarities found between the code of WannaCry and the malware Contopee, for many years, by Lazarus, is used.
Researchers from Symantec write Monday night that they are several other clues have been found that Lazarus to the new ransomware attack link. So three different pieces of Lazarus-malware found on the network of the first victim of WannaCry.
It includes a piece of software that was previously used to large amounts of data to erase in the filmtak of Sony. That company was in 2014 affected by a serious hack. According to the experts was North Korea behind the attack, denies the country.
At the WannaCry attack are also ip addresses that have previously been linked to Lazarus. Further, Symantec has code similarities found between different parts of the WannaCry-ransomware and older programs of Lazarus.
Several cybersecurity researchers have connected WannaCry previously been to North Korea, but that conclusion was by others was seen as premature. The ransomware could spread quickly due to the misuse of a Windows vulnerability that was previously found by the American intelligence service NSA, and by a computer hacker group on the street.
What we know about the ransomware WannaCry