Wednesday, May 17, 2017

North Korea Unleashed The Global Ransomware Attack?

Fat Kim made measly $30,000 from global cyber-attack.
North Korean hackers may be behind global cyberattack: A North Korean hacking group is suspected of being behind the massive “ransomware” cyberattack that hit countless countries and computers across the globe over the past few days.

The cybersecurity firms Symantec Corp. and Kaspersky Lab are investigating the alleged ties and looking into technical evidence that possibly suggests the North’s involvement, according to Reuters. The companies claim to have found some code in an earlier version of the WannaCry ransomware that had also been used in programs deployed by the Lazarus Group, which is reportedly run by the Hermit Kingdom.

An estimated 300,000 computers — in more than 150 countries — are believed to have been affected by the cyberattack, which showed no signs of slowing down on Monday. The assault is said to come by email, in the form of a malware (malicious software) program known as WannaCry, which locks users out of their computers and threatens to destroy all of their data if a ransom is not paid in full.

The ransomware has made its way into schools, hospitals, businesses and homes in Europe, Asia and North America. The Trump administration on Monday insisted, though, that no US federal systems have been afflicted.

The cyber-extortion plot first emerged Friday — paralyzing older versions of Microsoft Windows and asking for a $300 to $600 payment to unlock them. Asia was believed to be the hardest hit, with more than 40,000 businesses and institutions falling victim to the malware scam.

Officials ultimately fear that the ransomware may eventually be re-released without an off button, or kill switch — which is how researchers in the UK were able to stop the malware’s initial spread.

Investigators reportedly are searching for digital clues as to who could be behind the attacks, such as history of the bitcoin accounts that are being used to collect the ransom payments. They are also disassembling the software program in an effort to find more evidence.

SEOUL, South Korea — A South Korean cybersecurity expert said Tuesday there is more circumstantial evidence that North Korea may be behind the global “ransomware” attack: The way the hackers took computers and servers across the world hostage was similar to previous cyberattacks attributed to North Korea.

Simon Choi, a director at anti-virus software company Hauri Inc. who has analyzed North Korean malware since 2008 and advises the government on cyberattacks, said the North is no newcomer to the world of bitcoin and has been mining the digital currency using malicious computer programs since as early as 2013.

In the current attack, hackers demand payment from victims in bitcoin to regain access to their encrypted computers. Last year, Choi accidentally spoke to a hacker traced to a North Korean internet address about development of ransomware and he alerted South Korean authorities.

If North Korea, believed to be training cyberwarriors at schools, is indeed responsible for the latest attack, Choi said the world should stop underestimating its capabilities and work together to think of a new way to respond to cyber threats, such as having China pull the plug on North Korea’s internet.

Choi is one of a number of researchers around the world who have suggested a possible link between the “ransomware” known as WannaCry and hackers linked to North Korea. While Choi’s speculation may deepen suspicions that the nuclear-armed state is responsible, the evidence is still far from conclusive.

Authorities are working to catch the extortionists behind the global cyberattack, searching for digital clues and following the money. Researchers at Symantec and Kaspersky Lab have found similarities between WannaCry and previous attacks blamed on North Korea.

South Korea has been a frequent target of cyberattacks that it traced to its northern neighbor. Some high-profile attacks between 2009 and 2013 shut down government websites and banking systems and paralyzed broadcasters.

South Korea was mostly spared from the latest ransomware attack, partly because the constant threats have made the government and companies careful about always updating their software.
Fake FBI message from previous N-Korean ransomware attacks.
Related posts at following links:
Kim The Mad Korean Bastard "Wants To End The World".