Intezer Code Intelligence™ technology suggests WannaCry Ransomware attack has strong links to North Korea
May 2017 by Intezer
Intezer, announced the release of its findings related to the WannaCry ransomware attack. Intezer Code Intelligence™ technology found a clear code connection between the WannaCry hacking tools and other malwares used in previous cyber-attacks associated with North Korean hackers.
On Friday, May 12, 2017, a massive-scale cyber-attack using WannaCry ransomware was launched that infected more than 230,000 computers in 150 countries. WannaCry used the leaked EternalBlue exploit from the NSA, in order to spread itself throughout Windows networks.
The Intezer report released today reveals clear code connections between previously unrelated malware families such as WannaCry, Lazarus, Joanap and Brambul worm. Those connections strongly suggests that these hacking tools were written or modified by the same author, while the aforementioned malware families have been attributed to North Korean hackers in the past-reinforcing the potential link between WannaCry and North Korean cyber attackers.