Cybersecurity researchers at Symantec Corp. and FireEye Inc. have uncovered more evidence tying this month’s WannaCry global ransomware attacks to North Korea.
The cyberattack that infected hundreds of thousands of computers worldwide was “highly likely” to have originated with Lazarus, a hacking group linked to the reclusive state, Symantec said. The software used was virtually identical to versions employed in attacks earlier this year attributed to the same agency, the company said in a report late Monday.
Symantec says 'highly likely' North Korea group behind ransomware attacks
Cyber security firm Symantec Corp said on Monday it was “highly likely” a hacking group affiliated with North Korea was behind the WannaCry cyber attack this month that infected more than 300,000 computers worldwide and disrupted hospitals, banks and schools across the globe.
Symantec researchers said they had found multiple instances of code that had been used both in the North Korea-linked group's previous activity and in early versions of WannaCry.
WannaCry: The North Korea Debate
Researchers split over whether an infamous North Korean hacking group, an affiliate, or another attacker altogether, is behind the epic ransomware worm.