Kaspersky Lab finds WannaCry creators in North Korea

Kaspersky Lab finds WannaCry creators in North Korea

Kaspersky Lab finds WannaCry creators in North Korea

The WannaCry ransomware attack that wreaked havoc on computer systems around the world over the past few days may be the handiwork of North Korea, some early clues suggest.

A researcher from South Korea's Hauri Labs said on Tuesday their own findings matched those of Symantec and Kaspersky Lab, who said on Monday that some code in an earlier version of the WannaCry software had also appeared in programmes used by the Lazarus Group, identified by some researchers as a North Korea-run hacking operation.

The same collective is believed to have been behind the 2014 hack of Sony Pictures and is also suspected of previous attacks on the global financial system.

A South Korean cybersecurity expert says there is more circumstantial evidence that North Korea may be to blame. He explained to Bloomberg News that North Korea has been mining the digital currency since 2013 using malicious programs.

So far, the cyberattack has infected some 300,000 computers in 150 countries, but only about $63,000 dollars in ransom has actually been paid to the hackers.

The research will be closely followed by law enforcement agencies around the world, including Washington, where President Donald Trump's homeland security adviser said on Monday that both foreign nations and cyber criminals were possible culprits.

"We are not aware if payments have led to any data recovery", Bossert said, adding that no USA federal government systems had been affected.

He added that his British counterparts said they now had a "feeling of control" after the attack struck 47 NHS organisations.

Russian President Vladimir Putin also held USA special services accountable for WannaCry virus attacks.

The hacking tools were first developed by the National Security Agency but were stolen and leaked, and now they may have been used by a North Korean hacking group.

"Once they're let out of the lamp, genies of this kind, especially those created by intelligence services, can later do damage to their authors and creators", he said.

WannaCry demanded ransoms starting at $300, in line with many cyber extortion campaigns, which keep pricing low so more victims will pay.

British-born Marcus Hutchins, who is now working in Los Angeles, stumbled on the solution by accident while analysing a sample of the malicious code, and then spent three days fighting the ransomware worm.

FireEye Inc, another large cyber security firm, said it was also investigating, but it was cautious about drawing a link to North Korea.

Sky News has learned that health trusts in England were sent details of a security patch last month that would have allowed them to protect themselves.

Related news