Microsoft and Facebook worked together last week to protect their users and the internet from ongoing attacks by ZINC, a persistent threat actor, also known by the name of Lazarus Group. Microsoft concluded that the WannaCry ransomware attack that crippled banks, hospitals and other businesses across more than 150 countries in May this year, was a result of this threat actor.
The National Cyber Security Center of U.K. disclosed that Lazarus/ZINC, the cybercrime entity working on behalf of North Korean government, was responsible for the WannaCry ransomware attack.
The Lazarus Group had injected WannaCry ransomware in hundreds of thousands of computers, and had used malware to scramble the files of victims, and later demanded money to unscramble them.
“While victims received ransom demands, paying did not unlock their computers. It was cowardly, costly and careless. The attack was widespread and cost billions, and North Korea is directly responsible,” wrote Tom Bossert, White House Homeland Security Advisor, in a blog post.
The Lazarus Group had also attacked media and government institutions, and stole around 60 million pounds from a central bank. The biggest strike occurred in the health care system in U.K, where they affected the surgeries and emergency services.
Microsoft disrupted the malware, cleaned the infected computers and disabled the accounts which were being used for such cyberthreats. The tech giant has also enhanced the Windows defenses to prevent any reinfection of WannaCry.
On the other hand, Facebook has deleted accounts which were associated with the attack, so that it becomes harder for them to conduct any attack further.
“Facebook took down accounts and stopped the operational execution of ongoing cyber-attacks and Microsoft acted to patch existing attacks, not just the WannaCry attack initially,” Tom Bossert said.
Also read: The ransomware attack continues, affecting systems worldwide
Along with the U.K. government, the governments of the U.S, Australia, Canada, New Zealand, and Japan have also announced that North Korean government is responsible for all the activities of Lazarus Group.