The best-known attack attributed to the Lazarus Group was a devastating hack of Sony Pictures in 2014.

Since WannaCry operated as a “worm”, spreading from computer to computer automatically, it is unlikely that its creators had any specific target in mind. That exploit, named EternalBlue, allowed an attacker to jump between Windows computers, bypassing security constraints on the way; it is the key reason why the malware was able to spread so far and fast, and take out entire organisations in a very short space of time. The core of WannaCry was an exploit first discovered by the NSA, before being stolen and posted online by an anonymous entity named The Shadow Brokers.

The same code overlap was also seen in another piece of malware used to attack the Polish banking regulator KNF, another operation attributed by SecureWorks to the Lazarus group. “Brambul is uniquely associated with North Korean threat group Nickel Academy (AKA Lazarus group),” SecureWorks says.

Private companies have reverse-engineered the code, but the British assessment was apparently based on wider information.

Analysis of the code behind the application in early June, like that carried out by cybersecurity firm SecureWorks, suggested links to North Korea.

According to the firm, an earlier version of WannaCry, named “Wanna Decryptor v1.0”, was being distributed in a way that shared code with an earlier piece of malware called Brambul.

The NCSC investigation reached the same conclusion based on its own research, the source said, adding no evidence had emerged of anyone else being involved. GCHQ’s US counterpart, the National Security Agency, has also linked the WannaCry bug to North Korea.