Following the massive ransomware attack that impacted businesses across the globe Friday, security experts dug deeper into the malware’s code and discovered some interested clues.
Researchers from Google, Kaspersky Lab and Symantec have come across code in the WannaCry ransomware that is identical to code used by a North Korean state hacking collective known as the Lazarus Group.
According to a tweet posted by Neel Mehta, security researcher at Google, he is believed to have first spotted the ties in the code based on an earlier version of WannaCrypt. The tweet highlighted samples of the overlapping code, followed by the hashtag “#WannaCryptAttribution.”
The Lazarus Group is known as the entity behind the 2014 Sony Pictures hack intended to protest the movie “The Interview,” although it’s also been linked to recent bank hacks, such as the $81 million siphoned from the central bank of Bangladesh, according to The Hill.