In August 2018, the US Department of Justice (DoJ) unsealed the indictment of a North Korean spy, Park Jin Hyok, who they claim was behind the hack against Sony and the creation and distribution of the WannaCry ransomware. The 170-plus-page document was written by Nathan Shields of the FBI’s LA office and shows the careful sequence of forensic analysis they used to figure out how various attacks were conducted.
Security researchers have given Park’s organization various monikers, including the Lazarus Group, APT37, Lab 110, Group 123, Hidden Cobra, Nickel Academy and Reaper. Some of these names come from the malware elements the group created. That is the first thing that you will learn from the indictment: the North Koreans have been at the center of many different campaigns over the past six or so years.

The link for this article located at CSO Online is no longer available.