Listen Live
    Lines with digits on computer and laptop screens

    Makes Me WannaCry: US Finger Pointing Lame Attempt to Shift Blame From NSA

    © Sputnik / Natalia Seliverstova
    Tech
    Get short URL
    2411
    Subscribe

    In an interview with Sputnik, Russian expert Leonty Bukshtein commented on allegations by US cybersecurity specialists that the WannaCry ransomware attack may have originated in southern China; by doing so, they are evidently trying to throw off suspicions, he said.

    According to the South China Morning Post (SCMP) newspaper, Flashpoint, a for-profit internet consultancy, claimed that a proprietary analysis of the language used in the ransom note attached to the WannaCry malware attacks indicates that it originated in Southern China.

    Flashpoint, a US-based internet security consultancy, claimed that the ransom note was written by "native Chinese-speakers with southern accents," from regions in or around the southern Chinese mainland, Hong Kong, Singapore, or possibly Taiwan, according to the report.

    Although earlier reports suggested that the malware attack may have originated from North Korea, the US company's analysis asserts with "high confidence" that the attack was in fact Chinese, the SCMP reported.

    A screenshot shows a WannaCry ransomware demand, provided by cyber security firm Symantec, in Mountain View, California, U.S. May 15, 2017
    © REUTERS / Courtesy of Symantec
    A screenshot shows a WannaCry ransomware demand, provided by cyber security firm Symantec, in Mountain View, California, U.S. May 15, 2017

    Speaking to Sputnik, Leonty Bukshtein, chief editor of the Internet portal "Mobile Telecommunications", drew attention to the WannaCry computer virus being most likely based on the US National Security Agency (NSA)'s malware program.

    "I would ask these American experts what they think of Eternal Blue, the NSA's malware program which is believed to be used for creating the WannaCry virus. That's the truth of it. Americans need to justify themselves, which is why they shout: 'Stop thief!' They need to allay the suspicions [from themselves] and pass the blame onto someone else," Bukshtein said.

    He also recalled the current standoff between the United States and China, which he said explains Washington's drive to once again point the finger at China.

    "As for the language, it's easily faked from elsewhere in the world, so this is not a reason for any conclusions. In any case, I wonder how those who placed the NSA's malware programs in the Internet failed to think of the consequences. After all, there is always someone who wants to take a knife that lies unattended, and swing it anywhere," Bukshtein added.

    Meanwhile, the Flashpoint internet security company referred to its analysis revealing that the ransom note was written first in Chinese and then manually translated into English — before using Google Translate to convert the note into other languages.

    "A typo in the note, bang zu (幫組) instead of bang zhu (幫助), which means ‘help,'" stated the report, "strongly indicates the note was written using a Chinese-language input system rather than being translated from a different version."

    The company added that, "The text uses certain terms that further narrow down a geographic location. One term, libai (禮拜) for ‘week,' is more common in southern China, Hong Kong, Taiwan, and Singapore."

    The SCMP report noted that many of Beijing’s residents use the word libai routinely in everyday speech, while adding that it is too early to make any definite conclusion.

    "A professional hacker often leaves behind numerous decoys to mislead the chase," said one cybersecurity expert interviewed by SCMP.

    The WannaCry malware, which locks the data of a computer running unpatched versions of the Microsoft Windows operating system and displays a message in 28 languages demanding a cryptocurrency ransom to unlock the device, has affected over 300,000 computers in some 150 countries over the past two weeks, as infections continue to spread.

    Never miss a story again — sign up to our Telegram channel and we'll keep you up to speed!

    Related:

    Russian National Extradited to US for Allegedly Developing Malware Toolkit - DOJ
    Mysterious Disk Wiper: WikiLeaks Reveals How CIA Weaponized 'Shamoon' Malware
    New Invisible 'File-Less' Cyber Malware Poses 'Unique Worldwide Threat'
    Scary Fileless Malware Infects Banks Worldwide
    Tags:
    malware, WannaCry virus, China, United States
    Community standardsDiscussion
    Comment via FacebookComment via Sputnik