« It is similar to North Korea’s backdoor malicious codes, » a senior researcher said.
SEOUL/WASHINGTON May 16 (Reuters) – Cybersecurity researchers have found evidence they say could link North Korea with the WannaCry cyber attack that has infected more than 300,000 computers worldwide, as global authorities scrambled to prevent hackers from spreading new versions of the virus.
A researcher from South Korea ’s Hauri Labs said on Tuesday their own findings matched those of Symantec and Kaspersky Lab, who said on Monday that some code in an earlier version of the WannaCry software had also appeared in programs used by the Lazarus Group, identified by some researchers as a North Korea -run hacking operation.
“It is similar to North Korea ’s backdoor malicious codes, ” said Simon Choi, a senior researcher with Hauri who has done extensive research into North Korea ’s hacking capabilities and advises South Korea n police and National Intelligence Service.
Both Symantec and Kaspersky said it was too early to tell whether North Korea was involved in the attacks, based on the evidence that was published on Twitter by Google security researcher Neel Mehta.
The attacks, which slowed on Monday, are among the fastest-spreading extortion campaigns on record.
In China, foreign ministry spokeswoman Hua Chunying said she had no information to share, when asked about the origin of the attack and whether North Korea might be connected.
Several Asian countries have been affected by the malware, although the impact has not been as widespread as some had feared.
In Malaysia, cybersecurity firm LE Global Services said it identified 12 cases so far, including a large government-linked corporation, a government-linked investment firm and an insurance company. It did not name any of the entities.
“We may not see the real picture yet, as companies are not mandated to disclose security breaches to authorities in Malaysia, ” said LE Global CEO Fong Choong Fook.
“The real situation may be serious.
