Who is behind the massive global ransomware attack? Security researchers are working extensively to find out the culprits behind this worldwide cyber-attack. As per the findings, it is believed that the Lazarus Group on behalf of the North Korea is behind the WannaCry Ransomware. It is to be noted that the devastating hack on Sony Pictures in 2014, and another on a Bangladeshi bank in 2016, have both been attributed to this highly sophisticated group.
Researchers at Kaspersky Lab have uncovered new evidence linking the WannaCry ransomware code to North Korea. In a post on 15th May 2017, the group detailed a segment of code used in both an early WannaCry variant and a February 2015 sample attributed to the Lazarus Group, a Kaspersky-tracked actor tied to the North Korean government. The overlap was first spotted by Google researcher Neal Mehta, and Kaspersky believes the similarity goes far beyond shared code. As per Kaspersky, the February 2017 sample was compiled by the same people or by people with access to the same source code as the May 2017 WannaCry encryptor used in the May 12th wave of attacks. Symantec also found similar connections as per a report in Cyberscoop. However, the findings only represent weak connections. Security firms are still pursuing their investigations for stronger connections.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street