Stories
Slash Boxes
Comments

SoylentNews is people

posted by on Tuesday May 23 2017, @11:34PM   Printer-friendly
from the dear-leader-wrote-it-himself-20-years-ago dept.

Symantec and FireEye have linked the recent WannaCry ransomware attacks to North Korea:

Cybersecurity researchers at Symantec Corp. and FireEye Inc. have uncovered more evidence tying this month's WannaCry global ransomware attacks to North Korea.

The cyberattack that infected hundreds of thousands of computers worldwide was "highly likely" to have originated with Lazarus, a hacking group linked to the reclusive state, Symantec said. The software used was virtually identical to versions employed in attacks earlier this year attributed to the same agency, the company said in a report late Monday. FireEye on Tuesday agreed WannaCry shared unique code with malware previously linked to North Korea. "The shared code likely means that, at a minimum, WannaCry operators share software development resources with North Korean espionage operators," Ben Read, a FireEye analyst, said in an emailed statement.

[...] The initial attack was stifled when a security researcher disabled a key mechanism used by the worm to spread, but experts said the hackers were likely to mount a second attack because so many users of personal computers with Microsoft operating systems couldn't or didn't download a security patch released in March labeled "critical."

Also at NYT, Reuters, Ars Technica, and The Hill. Symantec blog (appears scriptwalled).

Here's a screenshot of Wana Decrypt0r 2.0. Note the Wikipedia licensing section.

Previously: Security In 2017: Ransomware Will Remain King
"Biggest Ransomware Attack in History" Hits Around 100 Countries, Disrupts UK's NHS
WannaCrypt Ransomware Variant -- Lacking Kill Switch -- Seen in Wild [Updated]
Decryption Utility for WannaCry is Released


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 0) by Anonymous Coward on Tuesday May 23 2017, @11:37PM (3 children)

    by Anonymous Coward on Tuesday May 23 2017, @11:37PM (#514580)

    That thing had the most impact in Russia, a supposed Nork's ally.

    • (Score: 3, Funny) by takyon on Tuesday May 23 2017, @11:41PM (1 child)

      by takyon (881) <{takyon} {at} {soylentnews.org}> on Tuesday May 23 2017, @11:41PM (#514583) Journal

      Their Bitcoins are as good as anybody's :D

      --
      [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
      • (Score: 0) by Anonymous Coward on Wednesday May 24 2017, @12:14AM

        by Anonymous Coward on Wednesday May 24 2017, @12:14AM (#514594)

        I can just imagine the Rusky cybergoons chuckling:

        "Damn, gooks, yous pulled a doozy. Give it up - high five!"

    • (Score: 2) by Jeremiah Cornelius on Wednesday May 24 2017, @03:19PM

      by Jeremiah Cornelius (2785) on Wednesday May 24 2017, @03:19PM (#514841) Journal

      Yeah. The attribution method is dubious. It contains more NSA code than NK code. This was cobbled together from available parts.

      Symantec is done, as a trustworthy analyst. Bluecoat aquired them and went private. They peddle for various big gov customers. It's a shame, really.

      --
      You're betting on the pantomime horse...
  • (Score: 5, Insightful) by Gaaark on Tuesday May 23 2017, @11:45PM (5 children)

    by Gaaark (41) Subscriber Badge on Tuesday May 23 2017, @11:45PM (#514585) Journal

    What... is North Korea the American bad guy now, or is Russia? China??

    Or was Symantec told to take America's eyes/entertainment lobes off of Russia and put it back onto North Korea???

    Man, it's so hard to stay focused on who the bad guy is anymo---
    --oooh, look! Kardashians! Heee heee, soooo shiny!!!

    --
    --- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
    • (Score: 4, Insightful) by takyon on Tuesday May 23 2017, @11:48PM (2 children)

      by takyon (881) <{takyon} {at} {soylentnews.org}> on Tuesday May 23 2017, @11:48PM (#514588) Journal

      The world's superpower can have multiple enemies???!

      --
      [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
      • (Score: 2) by Gaaark on Wednesday May 24 2017, @12:33AM (1 child)

        by Gaaark (41) Subscriber Badge on Wednesday May 24 2017, @12:33AM (#514602) Journal

        No: you need to focus the plebs on one enemy at a time! Hence the Jews in Nazi-land... "It's a small Jew world after all, it's a small Jew world uber alles"

        It's like marketing: one message hammered home again and again. It's the Jews, or it's the Russians or it's the Chinese, but NEVER all at the same time!

        --Yes, this is all sarcasm/joke--

        --
        --- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
        • (Score: 0) by Anonymous Coward on Wednesday May 24 2017, @07:50AM

          by Anonymous Coward on Wednesday May 24 2017, @07:50AM (#514715)

          in their hate, thanks to World 2.0 and the dramatic changes it has offered through digital content production values, Humans v2.0 can now be multi-minded in their ability to hate others! No longer must a single organization, group, race, gender, or religion be hated upon by them, but rather all can be hated upon with the full power of Humans v2.0 via their unique new Time-sharing Hate System (THS (TM)).

          Thanks to this unique system, brought about in part by research and development done through years upon years of painstaking R&D and refinements from visits to the Player Hater's Ball, KKK meetings, and Fundamental Synagogues, Churches, and Mosques, we have finally managed to produce people who can multi-facet their hate, providing the full power of their hate at any victim at any time provided a sufficient slice of time.

    • (Score: 5, Insightful) by kaszz on Tuesday May 23 2017, @11:50PM

      by kaszz (4211) on Tuesday May 23 2017, @11:50PM (#514589) Journal

      Symantec - Mountain View, California, USA
      FireEye - Milpitas, California, USA

      Add some special letter soup letter.

      And you get whatever the master says! :-)
      Do I need to say more? :p

    • (Score: 3, Insightful) by butthurt on Wednesday May 24 2017, @12:59AM

      by butthurt (6141) on Wednesday May 24 2017, @12:59AM (#514606) Journal

      "Oceania was at war with Eastasia. Eurasia was an ally."

  • (Score: -1, Offtopic) by Anonymous Coward on Tuesday May 23 2017, @11:46PM (4 children)

    by Anonymous Coward on Tuesday May 23 2017, @11:46PM (#514587)

    Unless you've had dealings with these slanteyed godless fucks, you have no idea
    just how different they are from decent western people.

    The US should have destroyed China, Korea, and all the rest of the hordes of
    dog-eating yellow people, while it was possible to do so without nuclear retaliation.

    • (Score: 3, Insightful) by butthurt on Wednesday May 24 2017, @01:09AM (3 children)

      by butthurt (6141) on Wednesday May 24 2017, @01:09AM (#514610) Journal

      Your wish nearly came true:

      In 1951, the U.S. escalated closest to atomic warfare in Korea. Because China deployed new armies to the Sino-Korean frontier, pit crews at the Kadena Air Base, Okinawa, assembled atomic bombs for Korean warfare, "lacking only the essential pit nuclear cores". In October 1951, the United States effected Operation Hudson Harbor to establish a nuclear weapons capability. USAF B-29 bombers practised individual bombing runs from Okinawa to North Korea (using dummy nuclear or conventional bombs), coordinated from Yokota Air Base in east-central Japan. Hudson Harbor tested "actual functioning of all activities which would be involved in an atomic strike, including weapons assembly and testing, leading, ground control of bomb aiming". The bombing run data indicated that atomic bombs would be tactically ineffective against massed infantry, because the "timely identification of large masses of enemy troops was extremely rare."

      Ridgway was authorized to use nuclear weapons if a major air attack originated from outside Korea.

      -- https://en.wikipedia.org/wiki/Korean_War [wikipedia.org]

      Conventional bombing had, however, taken a toll on North Korea’s civilian population. In The United States Air Force in Korea 1950 –1953 by historian Robert F. Futrell, he includes a description of the town of Huichon written by General William F. Dean, who was held prisoner in North Korea: “The city I’d seen before—two-storied buildings, a prominent main street—wasn’t there anymore. I think no important bridge between Pyongyang and Kanggye had been missed, and most of the towns were just rubble or snowy open spaces where buildings had been. The little towns, once full of people, were unoccupied shells. The villagers lived in entirely new temporary villages, hidden in canyons or in such positions that only a major bombing effort could reach them.”

      --
        http://www.airspacemag.com/military-aviation/how-korean-war-almost-went-nuclear-180955324/ [airspacemag.com]

      • (Score: 3, Informative) by Jeremiah Cornelius on Wednesday May 24 2017, @04:09PM (2 children)

        by Jeremiah Cornelius (2785) on Wednesday May 24 2017, @04:09PM (#514888) Journal

        Conventional bombing and incendiaries - under the direction of Curtis LeMay - wiped out 20% of the civilian population of the Korean peninsula. This is a war crime, unfortunately not without parallel, but still in the greatest order of magnitude. The USA is no better than Stalin's USSR in this regard, other than ideological justification for the extermination of tens of millions of innocents.

        LeMay, you may note, was responsible for the incineration of the cultural, non-military targets of Dresden and Kyoto. The former made famous by Kurt Vonnegut in "Slaughterhouse 5". LeMay was the great villain of that novel, and portrayed accurately as unrepentant. His airwar was more reprehensible and criminal than Goering's. Yet he never saw a Nuremburg-style prosecution.

        When you see a US or UK flag, the proper response should be abject disgust.

        --
        You're betting on the pantomime horse...
  • (Score: 2) by Grishnakh on Wednesday May 24 2017, @03:22AM

    by Grishnakh (2831) on Wednesday May 24 2017, @03:22AM (#514652)

    This is what people get for using Windows for their critical data.

  • (Score: 0) by Anonymous Coward on Wednesday May 24 2017, @04:09AM (2 children)

    by Anonymous Coward on Wednesday May 24 2017, @04:09AM (#514665)

    I'm surprised there's not more scrutiny over this sort of incredibly lazy security "analysis" here. False attribution is a regular part of any sort of digital criminal activity. What these "analysts" and the 'it's the Russkies!' crew before them are doing fundamentally comes down to "He said It was the best of times, it was the worst of times, it was the age of wisdom, it was the age of foolishness, it was the epoch of belief, it was the epoch of incredulity... therefore it must be Charles Dickens." Oh... he's dead? Oh dear... Well I guess it's POSSIBLE somebody else might have somehow gotten access to his words. Seriously, it's like all you have to do is to keep some string values in Korean and that's enough for these "security experts" to brilliantly declare it must be North Korea.

    There's also this constant self contradiction that nobody seems to pick up on. On the one hand the software is often described as sophisticated clearly indicative of a state level entity. And then you have things like them storing a 'kill switch' domain name in plain text in this case or similarly completely amateur issues in former malware or hacks attributed to state level entities.

    • (Score: 0) by Anonymous Coward on Wednesday May 24 2017, @04:17AM (1 child)

      by Anonymous Coward on Wednesday May 24 2017, @04:17AM (#514670)

      Reminds me of CNN's "security analyst" discussing, Who is this hacker known as 4chan? [youtube.com] "He may have been just a systems administrator who knew his way around and how to hack things."

      • (Score: 0) by Anonymous Coward on Wednesday May 24 2017, @06:16PM

        by Anonymous Coward on Wednesday May 24 2017, @06:16PM (#514993)

        Its still unbelievable to me that these organizations tried to push a "fake news" meme.

  • (Score: 1, Insightful) by Anonymous Coward on Wednesday May 24 2017, @08:30AM (2 children)

    by Anonymous Coward on Wednesday May 24 2017, @08:30AM (#514724)

    The dangerous parts were leaked from the NSA. The NSA needed something to "prove" that leaking their exploits helps the enemy rather than helping fixing our own security. What better way than a false flag operation, creating some shoddily written malware that infects a lot of computers.

    I expected them to blame Russia (like the recent election), but North Korea makes it even more obvious that it was a false flag operation.

    Does anyone here actually believe that malware attacking Windows could come out of a country where computers (all three of them) were invented by Kim Jong Un. As far as I know, Microsoft never ported Windows to Kim Jong Un hardware.

    • (Score: 0) by Anonymous Coward on Wednesday May 24 2017, @10:39AM

      by Anonymous Coward on Wednesday May 24 2017, @10:39AM (#514745)

      actually, this is not that unbelievable.
      the bit with the movie a couple of years ago was just plain stupid, and I doubt North Korea was actually involved, but I do believe the North Koreans would be capable of extortion/"data kidnapping" or whatever you want to call it.
      they definitely need the cash, and they have enough resources to develop the capability.
      and they don't really have anything to lose.

    • (Score: 0) by Anonymous Coward on Wednesday May 24 2017, @04:33PM

      by Anonymous Coward on Wednesday May 24 2017, @04:33PM (#514914)

      The elites have cell phones and computers. It's shocking how little americans know about north korea. Which absolutely is a massive threat and who we will probably go to war with.
      The irony is that the people first to say "well we don't know what's REALLY going on over there" over and over in an effort to look deep and woke also make the least effort to educate themselves. You could easily google information on north korea and you could just as easily talk to chinese who live on that border to verify such information is correct.

  • (Score: 2) by sjames on Wednesday May 24 2017, @11:37PM

    by sjames (2882) on Wednesday May 24 2017, @11:37PM (#515194) Journal

    So, what they're saying is the NSA flubbed so badly that they ended up helping (however inadvertently) the world's biggest kook attack the U.S. and others? Pretty much the opposite of their mission? Short of stubbing a cigar out on the big red button, could they screw up any worse?

(1)