Cyber Security experts believe that there is evidence to suggest that a North Korean group is behind the WannaCry infection.
As many as 300.000 computers in 150 countries have been infected by the virus.
NDTV (@ndtv) 16 May 2017
It is suspected that the Lazarus Group,based in China, but working for North Korea, is behind the malware.
The indications are far from conclusive.
Eric Chien is a researcher for cyber security company Symantec:“We’ve uncovered a couple of what we would call weak indicators or weak links between WannaCry and this group that’s been previously known as Lazarus. Lazarus was behind the attacks on Sony and the Bangladesh banks for example. But these indicators are not enough to definitively say it’s Lazarus at all.”
A through investigation is underway as researchers attempt to collect data to pinpoint the origin of the attack.
Marcus Hutchins who helped block the malware believes that the hack is over:“We think there might be more domains out there that will sort of come around the next few weeks but this one, I think, is pretty much done and dusted.”
Those in the business say absolute fact is hard to come by with hackers constantly covering their tracks by using so-called false flags.
In the WannaCry hack the code is set to the Chinese time zone and the text looks to have been computer translated into English.
Though these indicators could be a diversion.