Is North Korea Stocking Up on Bitcoin?

Get exclusive analysis of bitcoin and learn from our trading tutorials. Join Hacked.com for just $39 now.

Three security firms have reported a connection between WannaCry ransomware and malware used by the Lazarus group, a cyber crime group made up of unknown individuals.

Google security researcher Neel Mehta tweeted sample hashes from the WannaCry ransomware and the Contopee backdoor, which had previously been employed by the shadowy Lazarus Group. The group is responsible for the Sony hack, the SWIFT bank attacks, as well as other attacks on financial institutions. Some experts posit they hail from the North Korean government, but hard evidence is lacking.

Still, three security firms – Kaspersky Lab, Symantec, and BAE Systems – claim there could be a connection between North Korea’s Lazarus Group and WannaCry. To be sure, the groups are not exactly concluding that North Korea is behind WannaCry. The connections are pretty light, including but code written in  C++ and compiled in Visual Studio 6.0. Comae found connections to North Korea, as well. 

“The implementation of this [random buffer generator] function is very unique,” according to Sergei Shevchenko and Adrian Nish, BAE Systems experts, “…it cannot be found in any legitimate software.”

Symantec makes bolder claims. “Symantec has determined that this shared code is a form of SSL. This SSL implementation uses a specific sequence of 75 ciphers which to date have only been seen across Lazarus tool,” the company notes. But malware designers use code from previous malware designers – that’s in line with the open-source ethics of the cyberpunk movement.

Attacks Ongoing?

Europol’s chief told BBC the ransomware was designed to enable “infection of one computer to quickly spread across the networks…That’s why we’re seeing these numbers increasing all the time.”

She added: “Even if a fresh attack does not materialise on Monday, we should expect it soon afterwards.”

The ransomware, reformatted after MalwareTech’s solution, has been spread by individuals copying the attack. “We are in the second wave,” Matthieu Suiche of Comae Technologies, tells the New York Times earlier in the week. “As expected, the attackers have released new variants of the malware. We can surely expect more.”

Microsoft president and chief legal officer Brad Smith on Sunday lambasted governments over the weekend for hoarding information about security flaws in computer systems instead of cooperating with multinational companies. He wrote:

Microsoft, which had to create a patch for Windows XP (they haven’t provided support for the OS since 2014), released a statement addressing how they are trying to undermine the attackers ability to exploit their systems. They also have choice words for the U.S. government.

“This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem. This is an emerging pattern in 2017. We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage.

An equivalent scenario with conventional weapons would be the U.S. military having some of its Tomahawk missiles stolen. And this most recent attack represents a completely unintended but disconcerting link between the two most serious forms of cybersecurity threats in the world today – nation-state action and organized criminal action.

The governments of the world should treat this attack as a wake-up call.”

If North Korea is behind the WannaCry attacks, then its raised less than $100,000 via the ransomware’s bitcoin bounty.

Featured image from Shutterstock.

Comments

comments

Filed in: Bitcoin Financial News Tags: 

You might like:

Bitcoin Wallet Breadwallet Secures $7 Million in New Funding Bitcoin Wallet Breadwallet Secures $7 Million in New Funding
Bitcoin Exchange Bitstamp Adds Ethereum Trading Pairs Bitcoin Exchange Bitstamp Adds Ethereum Trading Pairs
Breaking: Australia Regulates Bitcoin Under New AML, Counter-Terrorism Reforms Breaking: Australia Regulates Bitcoin Under New AML, Counter-Terrorism Reforms
Record $4,492 Bitcoin Price Helps Markets Shake Off Slump Record $4,492 Bitcoin Price Helps Markets Shake Off Slump
ATLANT Ending ICO Pre-Sale on August 19 Revenue Goals Achieved, Focus Turns to ICO Launch on September 7 ATLANT Ending ICO Pre-Sale on August 19 Revenue Goals Achieved, Focus Turns to ICO Launch on September 7
Goldman Sachs: Bitcoin Price to Eye $5,000 then Crash Goldman Sachs: Bitcoin Price to Eye $5,000 then Crash
John McAfee: Bitcoin Price Bubble Talk ‘Absurd’ John McAfee: Bitcoin Price Bubble Talk ‘Absurd’
Bitcoin Price Breaks New ATH at $4,473, Surging Demand Amidst Economic Uncertainty Bitcoin Price Breaks New ATH at $4,473, Surging Demand Amidst Economic Uncertainty
© 2017 Virtual Mining Bitcoin News. All rights reserved. XHTML / CSS Valid.