WannaCry Ransom Notes Authored by Chinese-Speakers, Experts Say

By Marcos Colon

Following a linguistic analysis by experts, the ransom notes tied to the infamous WannaCry ransomware worm attacks may have been penned by a native Chinese-speaker.

Researchers at security firm Flashpoint conducted the analysis but also shared that the new information is not intended to contradict previous research by Kaspersky Lab, Google, and Symantec, according to a Flashpoint blog post.

Following the global attacks, experts at those companies dug deeper into the malware and discovered code in the ransomware that is identical to code used by a North Korean state hacking collective known as the Lazarus Group.

“Flashpoint assesses with high confidence that the author(s) of WannaCry’s ransomware notes are fluent in Chinese, as the language used is consistent with that of Southern China, Hong Kong, Taiwan, or Singapore,” Flashpoint researchers wrote. “This along is not enough to determine the nationality of the author(s).”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.