Jump to content

The NSA has linked the WannaCry computer worm to North Korea


Recommended Posts

The National Security Agency has linked the North Korean government to the creation of the WannaCry computer worm that affected more than 300,000 people in some 150 countries last month, according to U.S. intelligence officials.


The assessment, which was issued internally last week and has not been made public, is based on an analysis of tactics, techniques and targets that point with “moderate confidence” to North Korea’s spy agency, the Reconnaissance General Bureau, according to an individual familiar with the report.


The assessment states that “cyber actors” suspected to be “sponsored by” the RGB were behind two versions of WannaCry, a worm that was built around an NSA hacking tool that had been obtained and posted online last year by an anonymous group calling itself the Shadow Brokers.


It was the first computer worm to be paired with ransomware, which encrypts data on victims’ computers and demands a ransom to restore access.


WannaCry was apparently an attempt to raise revenue for the regime, but analysts said the effort was flawed. Though the hackers raised $140,000 in bitcoin, a form of digital currency, so far they have not cashed it in, the analysts said. That is likely because an operational error has made the transactions easy to track, including by law enforcement.


As a result, no online currency exchange will touch it, said Jake Williams, founder of Rendition Infosec, a cybersecurity firm. “This is like knowingly taking tainted bills from a bank robbery,” he said.


< Here >


Link to comment
Share on other sites

  • Replies 5
  • Views 526
  • Created
  • Last Reply
5 minutes ago, pc71520 said:

Whom else? N. Korea. :coolwink:

So far -- "Russians are coming"... "Russians are coming" ... "Russians are coming" -- so for a welcome, unsurprising (or should it be a surprising?) change ... ;)




Link to comment
Share on other sites

"The Washington Post"  is not a relieable source. Neither are anonymous sources since they cannot be vetted. Internal memos are not necessarily even information but may be asking questions,such as, 'Could the Reconnaissance General Bureau have a hand in the spread of WannaCry?'   New England area newspapers are famous for their fake news and misinformation. Most information available connects WannaCry to the Lazarus Group, a group of hackers that appear not to be state supported but possibly a group composed of Chinese and North Korean hackers acting on their own.  The reason for this is the hackers are not highly skilled, like state supported hackers would be, and based on their apparent 'working hours' and 'breaks' it appears they may be in China, Malaysia, or Indonesia.

Link to comment
Share on other sites

Just a couple of days ago It was the Chinese 


Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...