WannaCry Ransomware Shares Code With North Korean Malware, Says Researchers

New submitter unarmed8 quotes a report from CyberScoop: The ransomware known as WannaCry that spread rapidly to 300,000 machines in 150 countries over the past few days shares code with malware written by a group of North Korean hackers known as the Lazarus Group. While the shared code is important, experts warned that it's far from proof about who created and launched the ransomware attacks. Neel Mehta, a security researcher at Google, first pointed out the shared code on Monday on Twitter. The link was quickly echoed by numerous other experts. "From a technical point of view those two functions and their references are identical," said Matt Suiche, founder of United Arab Emirates-based cybersecurity firm Comaeio. "From an attribution point of view a ransomware would subscribe to the narrative of Lazarus Group, which is stealing money like we saw with multiple financial institutions with fraudulent SWIFT transactions -- having a nation-state powered ransomware leveraging crypto currency would be a first."

I thought this ransomware came from NSA

[mea2214]

Now it comes from North Korea? Who wrote this movie? It makes no sense.

the propaganda narrative needs work.

[nimbius]

Either North Korea is an impoverished dictatorship that could never, ever launch a successful ICBM and routinely runs out of energy and food, or its an underground powerhouse releasing some of the deadliest malware to date and rivals the US and Russia in technical prowess.

Theres also the unresolved dependency that this exploit came from the NSA. Nice try.