Cyberattack WannaCry: a group of pirates linked to North Korea is suspected
The spread of the WannaCry virus worldwide is currently under control. Experts in cybersecurity search for the origin and found first tracks.
Computer security experts have identified elements that could link North Korea to the global cyber attack that has infected more than 300,000 computers in 150 countries since Friday. The researchers began to explore this track after a tweet by Neel Mehta, a Google security researcher, who brought two pieces of code together. One of them belongs to a malware of the group Lazarus dating from 2015 and the other is a WannaCry extract.
ac21c8ad899727137c4b94458d7aa8d8 @ 0x10004ba0, 0x10012AA4#WannaCryptAttribution— Neel Mehta (@neelmehta) 15 mai 2017
A Kaspersky engineer , heavy-weight IT security, looked at this assumption following this tweet. He also found other pieces of code common between a malicious program used by the group Lazarus, Contopee, and Wannacry.
I heard ya'll like overlaps– another Lazarus sample with same WannaCrypt Overlap: 409c6a19705ccbd3185d5d0656c7811d @ 0x4018C0 from Oct 2014 pic.twitter.com/bLCuIT87vQ— J. A. Guerrero-Saade (@juanandres_gs) 15 mai 2017
It is too early to establish Lazarus' involvement on the basis of available evidence. "The similarities found between the malicious program related to this group and WannaCry are not unique enough to strongly suggest a common operator," said a FireEye researcher, John Miller. "We are open to investigate in all directions but we do not speculate and we can not confirm that," Jan Op Gen Oorth, spokesman for Europol told AFP. "It's too early to say anything."
The pirates of the Lazarus group, who act according to some computer security companies on behalf of North Korea, have been accused of theft of 81 million dollars to the central bank of Bangladesh. The group is known to have hacked Sony Pictures Entertainment during the release of The Interview . The film with James Franco and Seth Rogen for headliners ridiculed the Pyongyang regime. The event took place in 2014 and Barack Obama had officially linked the People's Republic to the cyberattack. However, this scenario has been disputed.
Little money collected, despite the size of the attack
The WannaCry ranking mainly spread through malicious messages, and affected factories, hospitals, businesses and schools around the world. Less than $ 70,000 in ransom was paid to the perpetrators of the attack, according to US homeland security advisor Tom Bossert. The sums requested to recover access to his computer began at $ 300, an amount similar to previous large-scale attacks, chosen to trigger a maximum of payments. In view of the weakness of the booty, some experts doubt the motive of the attack.
According to anti-virus software designer Avast, based in the Czech Republic, Russia, Taiwan, Ukraine and India were the most affected. The number of new infections by the virus fell sharply on Monday, compared to the peak of more than 9000 contaminations per hour recorded on Friday.
(With AFP and Reuters)
News, high tech, internet, technology, ICT, new technologies, multimedia, web, blog, blogs, smartphone, tablet, iphone, gadgets, gadget, widgets
