North Korea denies role in Wanna Cry

The Hill · Lifestyle · 1 month ago

North Korea denies reports linking the Wanna Cry malware with the country's best-known hacking unit. 

"Ridiculous," said Deputy Ambassador to the U.N. Kim In Ryong during a press conference. 

"Whenever something strange happens, it is the stereotypical way of the United States and hostile forces to kick of a noisy anti-DPRK campaign. 

Researchers at a few high profile labs have noticed links between the Wanna Cry ransomware that wreaked havoc across the world since last Friday and previous hacking efforts by North Korea's Lazarus Group. 

Kaspersky Lab believes that large swaths of identical code in an early sample of the ransomware to code in Lazarus Group malware might show that North Korea is involved. The overlapping code was first noticed by a researcher at Google. Kaspersky has said that evidence is not conclusive but makes a strong connection. 

Symantec found Lazarus Group tools on the computer of an early victim of Wanna Cry, which they speculated may have been the way the virus was spread before the automated system of finding new targets was introduced. Symantec, too, did not find the evidence conclusive. 

Others have noted that hackers copy and paste publically available code all the time, and Wanna Cry could easily come from anyone else. The firm Cyberreason, released a white paper today arguing that "the relatively low compromise rate of South Korea, Japan, and the United States runs contrary to every attack ever authorized by Pyongyang."

Wanna Cry infected hundreds of thousands of computers across the world since debuting last week, but due to coding flaws and other problems, did not ultimately make very much money. Bitcoin transactions are publicly recorded and the three accounts that accept ransom combine for less than $100,000 as of Friday afternoon.