The creation of the virus WannaCry, which in recent days has struck tens of thousands of computers in different countries of the world, can stand hackers from North Korea. On Monday, may 15, said the expert of «Kaspersky Lab» Alexander Gostev.
As Gostev wrote on his page on the social network Facebook, the trail leads to North Korean group Lazarus, the radio station «Echo of Moscow».
Earlier in the day, «Kaspersky Lab» reported that the spread of the virus is on the wane.
«The number of attacks WannaCry, thedetection «Kaspersky Lab» Monday, 15 may, fell for the sixth time in comparison with the similar indicator of Friday, may 12. This suggests that control of infection is almost installed» – quoted by TASS message was published in the company blog.
Victims of malicious ransomware WannaCry, were more than 200,000 computers around the world. The first data about the attack came from Spain and the UK, but its main purpose, according to cyber security company AVAST, have become computers in Russia, Ukraine and Taiwan.
The greatest damage the hackers caused in the UK, where they were locked computer system 36 hospitals that have no access to the patient records. Among the objects of attack was Spanish Telefonica, Portuguese Telecom and Telefonica Argentina Argentine mail company FedEx, the Russian Sberbank and MegaFon, computers, interior Ministry and emergency situations Ministry.
The office for cyber security of Israel reported that there is information that the virus has blocked multiple private users. There were also attacks on the networks of several companies and government agencies, but they were successfully repulsed.
To attack code used Eternal Blue, stolen by the hacker group Shadow Brokers from the us National security Agency (NSA) about a month ago. The code exploited a vulnerability in the Windows operating system.
Microsoft said that to close the vulnerability on March 14 was released the patch, however, many organizations still have not installed the latest Windows updates.