Cybersecurity researchers have found evidence they say could link North Korea with the WannaCry cyberattack that has infected more than 300,000 computers worldwide, as global authorities scrambled to prevent hackers from spreading new versions of the virus.
A researcher from South Korea’s Hauri Labs yesterday said their findings matched those of Symantec and Kaspersky Lab, which on Monday said that some code in an earlier version of the WannaCry software had also appeared in programs used by the Lazarus Group, identified by some researchers as a North Korea-run hacking operation.
“It is similar to North Korea’s backdoor malicious codes,” said Simon Choi, a senior researcher with Hauri who has done extensive research into the North’s hacking capabilities and advises South Korean police and National Intelligence Service.
Symantec and Kaspersky said it was too early to tell whether Pyongyang was involved in the attacks, based on the evidence that was published on Twitter by Google security researcher Neel Mehta.
The attacks, which slowed on Monday, are among the fastest-spreading extortion campaigns on record.
In Taiwan, the Central News Agency (CNA) said that the cyberattack infected computers in 10 schools, the state-run Taiwan Power Co (台電), a hospital and at least one private business.
However, it caused no damage to the schools’ core database systems.
The business, whose name was not given, reported paying US$1,000 in bitcoin to unlock files held hostage by the program.
There have been no reported incidents of the ransomware affecting government agencies, CNA said.
Chinese Ministry of Foreign Affairs spokeswoman Hua Chunying (華春瑩) said she had no information to share, when asked about the origin of the attack and whether North Korea might be connected.
Several Asian countries have been affected by the malware, although the impact has not been as widespread as some had feared.
In Malaysia, cybersecurity firm LE Global Services said it had identified 12 cases so far, including a large government-linked corporation, a government-linked investment firm and an insurance company. It did not name any of the entities.
Vietnam’s state media said more than 200 computers had been affected.
FireEye Inc, another large cybersecurity firm, said it was also investigating, but it was cautious about drawing a link to North Korea.
“The similarities we see between malware linked to that group and WannaCry are not unique enough to be strongly suggestive of a common operator,” FireEye researcher John Miller said.
US and European security officials said on condition of anonymity that it was too early to say who might be behind the attacks, but they did not rule out North Korea as a suspect.
The Lazarus hackers, acting for North Korea, have been more brazen in their pursuit of financial gain than others, and have been blamed for the theft of US$81 million from the Bangladesh central bank, according to some cybersecurity firms.
NATIONAL SECURITY THREAT: An official said that Guan Guan’s comments had gone beyond the threshold of free speech, as she advocated for the destruction of the ROC China-born media influencer Guan Guan’s (關關) residency permit has been revoked for repeatedly posting pro-China content that threatens national security, the National Immigration Agency said yesterday. Guan Guan has said many controversial things in her videos posted to Douyin (抖音), including “the red flag will soon be painted all over Taiwan” and “Taiwan is an inseparable part of China,” while expressing hope for expedited “reunification.” The agency received multiple reports alleging that Guan Guan had advocated for armed reunification last year. After investigating, the agency last month issued a notice requiring her to appear and account for her actions. Guan Guan appeared as required,
A strong cold air mass is expected to arrive tonight, bringing a change in weather and a drop in temperature, the Central Weather Administration (CWA) said. The coldest time would be early on Thursday morning, with temperatures in some areas dipping as low as 8°C, it said. Daytime highs yesterday were 22°C to 24°C in northern and eastern Taiwan, and about 25°C to 28°C in the central and southern regions, it said. However, nighttime lows would dip to about 15°C to 16°C in central and northern Taiwan as well as the northeast, and 17°C to 19°C elsewhere, it said. Tropical Storm Nokaen, currently
‘NATO-PLUS’: ‘Our strategic partners in the Indo-Pacific are facing increasing aggression by the Chinese Communist Party,’ US Representative Rob Wittman said The US House of Representatives on Monday released its version of the Consolidated Appropriations Act, which includes US$1.15 billion to support security cooperation with Taiwan. The omnibus act, covering US$1.2 trillion of spending, allocates US$1 billion for the Taiwan Security Cooperation Initiative, as well as US$150 million for the replacement of defense articles and reimbursement of defense services provided to Taiwan. The fund allocations were based on the US National Defense Authorization Act for fiscal 2026 that was passed by the US Congress last month and authorized up to US$1 billion to the US Defense Security Cooperation Agency in support of the
PAPERS, PLEASE: The gang exploited the high value of the passports, selling them at inflated prices to Chinese buyers, who would treat them as ‘invisibility cloaks’ The Yilan District Court has handed four members of a syndicate prison terms ranging from one year and two months to two years and two months for their involvement in a scheme to purchase Taiwanese passports and resell them abroad at a massive markup. A Chinese human smuggling syndicate purchased Taiwanese passports through local criminal networks, exploiting the passports’ visa-free travel privileges to turn a profit of more than 20 times the original price, the court said. Such criminal organizations enable people to impersonate Taiwanese when entering and exiting Taiwan and other countries, undermining social order and the credibility of the nation’s
RSS