Tajuk : North Korean hackers might be behind the global WannaCry ransomware attack
link : North Korean hackers might be behind the global WannaCry ransomware attack
North Korean hackers might be behind the global WannaCry ransomware attack
Jason Lee/Reuters
North Korea.
It’s difficult to pin down who, exactly, is behind the WannaCry ransomware attack which kicked off last week.
But multiple security researchers think a suspected North Korean state-sponsored hacking group might be to blame.
They found code similarities between an early version of WannaCry from February, and malicious tools used by a hacking group known as Lazarus.
Lazarus’ link to North Korea isn’t definite, but security researchers have linked the two in previous attacks. The group is also thought to have been responsible for the Sony hack in 2014. It was also implicated in the theft of $81 million (£62 million) from a Bangladeshi bank in 2016.
The trail starts with a cryptic tweet from Neel Mehta, a security researcher at Google:
Neel is referring to the two code samples here, but doesn’t go any further. One code sample is from the early version of WannaCry, and the other from the malicious software used by Lazarus, called Contopee.
Security firms Kaspersky and Symantec then analysed the two samples, and found that part of the WannaCry code had actually been copied from Contopee. Another researcher, Comae Technologies’ Matthieu Suiche, corroborated the findings. That suggests Lazarus borrowed code for WannaCry from its own, existing tools.
The link isn’t definite. As Symantec’s researchers wrote: “While these findings do not indicate a definite link between Lazarus and WannaCry, we believe that there are sufficient connections to warrant further investigation.”
Kaspersky’s researchers said this was the most “significant” clue to date about WannaCry’s origins.
Both firms said researchers would need to look at other early versions of WannaCry. And both said this could all be a “false flag” designed to mislead law enforcement trying to track down the culprits. It’s entirely possible some other hacking group found and copied code from Lazarus’ tools.
Symantec said in a statement to Motherboard: “We discovered that earlier versions of WannaCry in April and early May that weren’t widely distributed, unlike the recent outbreak, were found on systems shortly after being compromised with known Lazarus tools.
“However, we have not yet been able to confirm the Lazarus tools deployed WannaCry on these systems. In addition, we found code in WannaCry used in SSL routines that historically was unique to Lazarus tools. While these connections exist, they so far only represent weak connections. We are continuing to investigate for stronger connections.”
So far, the attacker behind WannaCry has made more than $49,000 (£37,900). The ransomware — malicious software which encrypts data on a PC, then demands payment for decryption — has infected hundreds of thousands of PCs across at least 150 countries globally.
9c7c7149387a1c79679a87dd1ba755bc @ 0x402560, 0x40F598
ac21c8ad899727137c4b94458d7aa8d8 @ 0x10004ba0, 0x10012AA4#WannaCryptAttribution
— Neel Mehta (@neelmehta) May 15, 2017
NOW WATCH: Here’s a visualization of Elon Musk’s tunneling project that could change transportation forever
Read more stories on Business Insider, Malaysian edition of the world’s fastest-growing business and technology news website.
✍ Sumber Pautan : ☕ Business InsiderBusiness Insider
Kredit kepada pemilik laman asal dan sekira berminat untuk meneruskan bacaan sila klik link atau copy paste ke web server : http://ift.tt/2rloZ3M
(✿◠‿◠)✌ Mukah Pages : Pautan Viral Media Sensasi Tanpa Henti. Memuat-naik beraneka jenis artikel menarik setiap detik tanpa henti dari pelbagai sumber. Selamat membaca dan jangan lupa untuk 👍 Like & 💕 Share di media sosial anda!
Jason Lee/Reuters
North Korea.
It’s difficult to pin down who, exactly, is behind the WannaCry ransomware attack which kicked off last week.
But multiple security researchers think a suspected North Korean state-sponsored hacking group might be to blame.
They found code similarities between an early version of WannaCry from February, and malicious tools used by a hacking group known as Lazarus.
Lazarus’ link to North Korea isn’t definite, but security researchers have linked the two in previous attacks. The group is also thought to have been responsible for the Sony hack in 2014. It was also implicated in the theft of $81 million (£62 million) from a Bangladeshi bank in 2016.
The trail starts with a cryptic tweet from Neel Mehta, a security researcher at Google:
Neel is referring to the two code samples here, but doesn’t go any further. One code sample is from the early version of WannaCry, and the other from the malicious software used by Lazarus, called Contopee.
Security firms Kaspersky and Symantec then analysed the two samples, and found that part of the WannaCry code had actually been copied from Contopee. Another researcher, Comae Technologies’ Matthieu Suiche, corroborated the findings. That suggests Lazarus borrowed code for WannaCry from its own, existing tools.
The link isn’t definite. As Symantec’s researchers wrote: “While these findings do not indicate a definite link between Lazarus and WannaCry, we believe that there are sufficient connections to warrant further investigation.”
Kaspersky’s researchers said this was the most “significant” clue to date about WannaCry’s origins.
Both firms said researchers would need to look at other early versions of WannaCry. And both said this could all be a “false flag” designed to mislead law enforcement trying to track down the culprits. It’s entirely possible some other hacking group found and copied code from Lazarus’ tools.
Symantec said in a statement to Motherboard: “We discovered that earlier versions of WannaCry in April and early May that weren’t widely distributed, unlike the recent outbreak, were found on systems shortly after being compromised with known Lazarus tools.
“However, we have not yet been able to confirm the Lazarus tools deployed WannaCry on these systems. In addition, we found code in WannaCry used in SSL routines that historically was unique to Lazarus tools. While these connections exist, they so far only represent weak connections. We are continuing to
So far, the attacker behind WannaCry has made more than $49,000 (£37,900). The ransomware — malicious software which encrypts data on a PC, then demands payment for decryption — has infected hundreds of thousands of PCs across at least 150 countries globally.
9c7c7149387a1c79679a87dd1ba755bc @ 0x402560, 0x40F598
ac21c8ad899727137c4b94458d7aa8d8 @ 0x10004ba0, 0x10012AA4#WannaCryptAttribution
— Neel Mehta (@neelmehta) May 15, 2017
NOW WATCH: Here’s a visualization of Elon Musk’s tunneling project that could change transportation forever
Read more stories on Business Insider, Malaysian edition of the world’s fastest-growing business and technology news website.
✍ Sumber Pautan : ☕ Business InsiderBusiness Insider
Kredit kepada pemilik laman asal dan sekira berminat untuk meneruskan bacaan sila klik link atau copy paste ke web server : http://ift.tt/2rloZ3M
(✿◠‿◠)✌ Mukah Pages : Pautan Viral Media Sensasi Tanpa Henti. Memuat-naik beraneka jenis artikel menarik setiap detik tanpa henti dari pelbagai sumber. Selamat membaca dan jangan lupa untuk 👍 Like & 💕 Share di media sosial anda!
dengan itu Perkara North Korean hackers might be behind the global WannaCry ransomware attack
Kini anda membaca artikel North Korean hackers might be behind the global WannaCry ransomware attack dengan alamat pautan https://timesnewmalaysia.blogspot.com/2017/05/north-korean-hackers-might-be-behind.html
Related Posts :
DJI streams drone footage to your television- Someone Made A Mashup Of Ozzy Osbourne And Earth, Wind, & Fire.. And We Can’t Stop Laughing
- The US and Mexico may be teaming up to fight heroin, but the enemy is tougher than it appears
- We tried the new dessert Chipotle is testing and were deeply confused
- Steve Kerr yells the same thing every time Draymond Green shoots a 3 as part of the unusual way he manages the Warriors star
0 Response to "North Korean hackers might be behind the global WannaCry ransomware attack"
Catat Ulasan