United States cybersecurity experts claim that three new strains of the WannaCry malware have been traced back to North Korea.
As the tech community celebrates the three-year anniversary of WannaCry, three new strains of the malware have been detected. Cybersecurity experts are pointing hackers from North Korea to be the main culprits behind these new malwares.
Some U.S. officials are considering pressing charges against one of the hackers. This is the same hacker who has played a vital role in the spread of WannaCry in 2017. The hacker is also facing chargers on hacking defense contractor Lockheed Martin and the massive Sony Pictures breach of 2014.
Three new WannaCry strains
Reports from cybersecurity experts reveal that there are three new strains of WannaCry. A trace of the malwares’ origins point to a single nation: North Korea.
The first strain has the codename Copperhedge. It is a remote access Trojan and it is capable of remote system reconnaissance and data leaks. As of this writing, as least six different variants of the strain have been identified.
The second strain has the codename Taintedscribe. Much like Copperhedge, Traintedscribe is also a Trojan and uses FakeTLS to bypass session authentication. A closer inspection of this particular strain reveals that it hides itself as a Microsoft Narrator program.
Lastly, there is Pebbledash. This strain is an implant Trojan and it is capable of downloading, uploading, and deleting executable files into its target machine. It is capable of accessing the Windows Command Line Interface, and from there it can create and terminate various processes.
Today marks the three year anniversary of the #wannacry ransomware attack.
In 2020, the threat of #ransomware attacks to organisations around the globe has not gone away.
Read our ransomware blog series for more: https://t.co/fjsVUoi4SX#TuesdayThrowback #cybersecurity pic.twitter.com/8iC8CndYcT
— Context Information Security (@CTXIS) May 12, 2020
Cybersecurity experts can confirm that these three new WannaCry strains are linked to the North Korean hacking group Per Raiu. The sample codes of the new strain have similarities with Manuscrypt, a malware family with roots back to North Korea.
The global ransomware pandemic
In 2017, a new type of malware springs into existence. Simply known as ransomware, the malware essentially renders its target completely useless until the user pays the ransom.
WannaCry is one of the first ransomware strain to ever hit the public. The original plan behind the malware is to specifically attack its target. However, the malware’s code went haywire and eventually found its way into millions of computers.
Estimates bring billions of damages to computer systems around the world. Eventually, a crack inside the malware’s code led cybersecurity experts to a fix. WannaCry is just one of the three malwares that ravage computer systems around the world. The other two are NotPetya and BadRabbit.
Image courtesy of 황승환/Wikimedia Commons