• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to footer
WebSetNet

WebSetNet

Technology News

  • Technology News
    • Mobile
    • Games
  • Internet Marketing
  • System Admin
    • Windows
    • Linux
    • Mac & Apple
    • Website Scripts
      • Wordpress

WannaCry Ransomware: Attack Shares Code With North Korea Malware, Experts say

August 5, 2020 by Martin6

The widespread ransomware attack known as WannaCry that hit hundreds of thousands of computer systems in countries around the world Friday shares code with malware attributed to a group of North Korean hackers, security researchers said Monday.

The similarity was first discovered by Google security researcher Neel Mehta. A number of security experts echoed the findings, but warned similarities do not equate to clear attribution.

Read: Telefonica WannaCry Ransomware: One Of Spain’s Largest Telecom Companies Hit By Cyberattack

The malware that WannaCry shares is a backdoor trojan known as Contopee. The malicious software has been used by the North Korea-connected hacking collective Lazarus Group to attack a number of targets, including financial institutions in Southeast Asia.

Lazarus Group has been associated with a number of significant attacks in recent years, including an $81 million heist of funds from a bank in Bangladesh, a 2013 attack on South Korean television stations and banks, and the 2014 attack on Sony Pictures that resulted in the leak of confidential information and unreleased films.

While the shared code may help eventually determine the source of the WannaCry attack, it is not an official attribution since code can be used, reused and rewritten to be utilized within other programs — a technique that can be used to make use of a certain feature or even create a false attribution.

Read: WannaCry Ransomware Attack: Hackers Raised $50,000 In Bitcoins, Now What?

Focal Point CEO Yong-Gon Chon told International Business Times attribution is extremely difficult and often not a straight-forward process, but a rush for information can lead some to jump to conclusions that may not be accurate, as he and his firm found in a recent case where a cyberattack on Ukrainian artillery attributed to Russia.

“If you’re working for law enforcement or intel agencies, you can do that kind of analysis for internal consumption,” Chon said. “But when you publish material like that in the media, you’re no longer just an intel analyst. You become a forensic examiner in the court of public opinion.”

He warned that attribution in a media environment that is desperate for information can be a “marketing and publicity thing. Identifying malicious nation-state or criminal activity is very much a spectacle in the media.”

Chon also warned it can be easy for attribution to be given because it’s the simplest possible solution, even if the evidence isn’t totally there.

“You see this when you go to the doctor’s office,” he said. “If the doctor sees five patients in the same day that have the flu and you have similar symptoms, they have a tendency to say you have the flu. That doesn’t absolve the doctor of executing the right protocols to do their diagnosis appropriately.”

During a White House briefing on Monday, Homeland Security Adviser Tom Bossert said attribution is “something that we are working on quite seriously” but sometimes it eludes investigators. “Attribution can be difficult here,” he said.

Kaspersky Lab researchers suggested further information is needed about older versions of WannaCry before any sort of definite attribution can be made. “We believe this might hold the key to solve some of the mysteries around this attack,” the firm said in a blog post, noting Mehta’s discovery “is the most significant clue to date regarding the origins of Wannacry.”

Source

Related posts:

  1. 7 Best Marketing Attribution Software for 2021
  2. A new Minecraft: Bedrock Edition patch update is rolling out to all players
  3. WannaCry Ransomware Update: $143,000 Withdrawn From Ransom Wallets
  4. WannaCry Ransomware: British Security Experts Link Attack To North Korea
  5. Sophisticated new Android malware marks the latest evolution of mobile ransomware
  6. WannaCry Ransomware: Honda Plant Forced To Shut Down After Attack
  7. The Week in Ransomware – February 2nd 2018 – TOR Sites Stealing Ransom Payments & GandCrab
  8. How to Install Software from Source Code… and Remove it Afterwards
  9. WannaCry Ransomware: Traffic Cameras In Australia Hit By Virus
  10. Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender

Filed Under: WannaCry Ransomware Attack

Primary Sidebar

Trending

  • How to fix Windows Update Error 80244019
  • Windows 10 Update keeps failing with error 0x8007001f – 0x20006
  • How To Change Netflix Download Location In Windows 10
  • Troubleshoot Outlook “Not implemented” Unable to Send Email Error
  • How do I enable or disable Alt Gr key on Windows 10 keyboard
  • How To Install Android App APK on Samsung Tizen OS Device
  • 3 Ways To Open PST File Without Office Outlook In Windows 10
  • FIX: Windows Update error 0x800f0986
  • How to Retrieve Deleted Messages on Snapchat
  • Latest Samsung Galaxy Note 20 leak is a spec dump revealing key features
  • Install Android 7.0 Nougat ROM on Galaxy Core 2 SM-G355H
  • 192.168.1.1 Login, Admin Page, Username, Password | Wireless Router Settings
  • Websites to Watch Movies Online – 10+ Best Websites Without SignUp/Downloading
  • How to Backup SMS Messages on Your Android Smartphone
  • How to delete a blank page at the end of a Microsoft Word document
  • Fix: The Disc Image File Is Corrupted Error In Windows 10
  • Android 11 Custom ROM List – Unofficially Update Your Android Phone!
  • Samsung Galaxy Z Fold 3 could be scheduled for June 2021, with S Pen support

Footer

Tags

Amazon amazon prime amazon prime video Apple Application software epic games Galaxy Note 20 Galaxy S22 Plus Galaxy S22 Ultra Google Sheets headphones Huawei icloud Instagram instant gaming ip address iPhone iphone 12 iphone 13 iphone 13 pro max macOS Microsoft Microsoft Edge Mobile app office 365 outlook Pixel 6 Samsung Galaxy Samsung Galaxy Book 2 Pro 360 Samsung Galaxy Tab S8 Smartphone speedtest speed test teams tiktok Twitter vpn WhatsApp whatsapp web Windows 10 Windows 11 Changes Windows 11 Release Windows 11 Update Windows Subsystem For Android Windows 11 Xiaomi

Archives

  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org