Hackers mint crypto-currency with technique in global 'ransomware' attack

STR  AFP  Getty Images
STR AFP Getty Images
Author

19 May, 2017

Cantopee was created by the hacking team known as the Lazarus Group, perhaps most famously known for the security breach launched against Sony Pictures in 2014.

Lazarus is believed to operate from China-for North Korea.

Symantec, Intezer Labs of Israel and Russia's Kaspersky Lab on Monday agreed that a considerable part of the "WannaCry" ransomware is identical with a hacking program used by the Lazarus group, which has ties to North Korea. They might be hiding out in countries that wouldnt be willing to extradite suspects for prosecution, said Robert Cattanach, a former U.S. Justice Department attorney and an expert on cybersecurity.

Forensics, though, will only get investigators so far.

"It is similar to North Korea's backdoor malicious codes", said Simon Choi, a senior researcher with Hauri who has done extensive research into North Korea's hacking capabilities and advises South Korean police and National Intelligence Service.

The paper introduced cases in detail, including the attack on the interior ministry, banks and public agencies in Russian Federation; on information networks, banks and energy-related companies in Spain and Portugal; and on auto factories in France, Slovenia and Romania.

"In time, more evidence appeared and allowed us, and others, to link them together with high confidence".

The Chinese foreign ministry said at a regular media briefing on Tuesday that it will completely implement existing United Nations sanction measures against the North, but declined to comment further.

Attributing cyber-attacks can be notoriously hard - often relying on consensus rather than confirmation.

Mehta, a University of British Columbia graduate who earlier worked with IBM Internet Security Systems, posted "codes" on Twitter, potentially pointing at a connection between the "WannaCrypt" ransomware attacks and the malware attributed to the infamous "Lazarus Group", responsible for a series of devastating attacks against government organisations, media and financial institutions.

In other words, this code snippet is a "fingerprint" that suggests WannaCry was developed by the Lazarus group. They have been interested in stealing large sums of money in the past and have used Bitcoin to collect ransoms, as WannaCry does, but they also tend to be more careful about collecting payments.

"It wouldn't stand up in court as it is".

Global cybersecurity firms have pointed at North Korea as the mastermind behind the latest cyberattack.

First, China was among the countries worst hit, and not accidentally - the hackers made sure there was a version of the ransom note written in Chinese. The North strongly denied all the allegations. But North Korea has been preparing cyber skills for more than 10 years and its skill is significant.

Amid speculation that North Korean hackers could have been behind the computer worm, the Rodong Sinmun newspaper on Wednesday reported the wide scale of the chaos WannaCry had caused. WannaCry, in contrast, was wildly indiscriminate - it would infect anything and everything it could.

Anchor: The UN Security Council held an emergency meeting on Tuesday to discuss North Korea's latest ballistic missile test.


More news


  • Antarctica 'greening' due to climate change

    Antarctica 'greening' due to climate change

    Stretches of the coast of the Antarctic Peninsula are covered with deep, green mossy banks. However the Antarctic has a long way to go before its appearance is radically transformed.
    Another NSA Cyber Weapon Stolen By Hackers! Widespread Damage Expected

    Another NSA Cyber Weapon Stolen By Hackers! Widespread Damage Expected

    Hundreds of thousands of computers were infected with WannaCry ransomware in over 150 countries worldwide over the weekend. ET had on Tuesday reported that many Indian companies after being attacked by WannaCry , had even paid the hackers.
    Deepika stuns the Cannes audience on her debut

    Deepika stuns the Cannes audience on her debut

    The 31-year-old actress let her long tresses loose, while opting for bold, dark lips and nails to compliment her attire. Will Smith and Pedro Almodovar opened the Cannes Film Festival on Wednesday (May 17) by clashing over Netflix movies.
  • Yankees' home runs back Sabathia in 7-1 rout of Royals

    Yankees' home runs back Sabathia in 7-1 rout of Royals

    Hammel has a 1.69 ERA in the first two innings of his eight starts, allowing three runs over 16 innings. Pineda struck out five and walked two, giving him 55 strikeouts compared to eight walks this season.

    Trump visit draws country singer Toby Keith to Saudi Arabia

    The summit will address three critical areas of concern: US-Saudi relations, US-GCC relations and Islamic-American relations. On May 21, President Trump will attend the Arab Islamic American Summit at the King Abdulaziz Convention Center in Riyadh .
    Chaffetz to resign, raising doubts about Trump probe

    Chaffetz to resign, raising doubts about Trump probe

    None of the Republicans running for office should expect an endorsement from Chaffetz until a nominee has been selected, he said. Jason Chaffetz, R-Alpine, announced Thursday via letter that he will be resigning from Congress as of June 30.
  • LeBron and Co cruise past Celtics in game one romp

    The reigning National Basketball Association champion Cavaliers toyed with the Celtics in last night's 117-104 final at TD Garden. Stat F: LeBron James has played by far his most career playoff games against the Boston Celtics (30 games, 18-12, .600).
    Steelers release Ladarius Green, Greg Warren

    Steelers release Ladarius Green, Greg Warren

    He had just one good game, when he went off for six catches, 110 yards, and a touchdown against the Giants in Week 13. To be honest, though, Green was far from the ideal tight end, even for his "big wide receiver"-like role".

    Team India Champions Trophy Squad Declared; Shami And Aswin Makes A Comeback

    KL Rahul, who had grown into one of India's most valuable players across formats past year , was not among the touring party. In the absence of the injured KL Rahul, Sharma, Shikhar Dhawan and Ajinkya Rahane will compete for the opener slots.
  • Moto Z2 Play, Moto Z2 Force Images Leaked Online

    Moto Z2 Play, Moto Z2 Force Images Leaked Online

    The device is also expected to feature a metal body, a fingerprint scanner and an IP68 rating for water and dust resistance. The device will be packed with 5,000mAh battery and as for storage, there could be something between 2GB to 3GB of RAM.
    United States  officials criticize Turkey after attack on DC protesters

    United States officials criticize Turkey after attack on DC protesters

    State Department said the episode was "deeply disturbing" and promised that an investigation would hold those responsible to account.
    Team India Champions Trophy Squad Declared; Shami And Aswin Makes A Comeback

    Team India Champions Trophy Squad Declared; Shami And Aswin Makes A Comeback

    KL Rahul, who had grown into one of India's most valuable players across formats past year , was not among the touring party. In the absence of the injured KL Rahul, Sharma, Shikhar Dhawan and Ajinkya Rahane will compete for the opener slots.