Experts deny US firm's claim that WannaCry hackers are possibly from China
By Ma Chi and Zhao Siyuan | chinadaily.com.cn | Updated: 2017-06-10 21:42
Experts called a US firm's claim that Chinese hackers are possibly behind the WannaCry ransomware that hit computers around the world last month as not reliable.
"The conclusion that the authors of the ransomware are Chinese people is premature based on only linguistic analysis of the ransom message, rather than the malware itself," said Zheng Wenbin, an internet security expert at Qihoo 360.
Flashpoint, a US intelligence company, said on its website on May 25 that authors of the WannaCry ransomware message are fluent in Chinese, as the language used is consistent with that of the southern Chinese mainland, Hong Kong, Taiwan, or Singapore.
WannaCry is a malware that has infected computers in more than 100 countries and regions since May 12. The malware locked up data on infected computers and displayed a message in 28 languages demanding a ransom for restoration of the data.
Flashpoint said the hackers wrote the ransom message in Chinese first. They then translated it into English, and further converted that into versions in other languages using Google's translation tool.
Zheng Wenbin said the linguistic analysis conducted by Flashpoint on the ransom messages of the WannaCry malware is "not professional" and the results are "not reliable".
Li Baisong, the deputy chief engineer of Antiy Labs, an anti-virus services provider, echoed Zheng's opinion.
Li said the malware itself is directly responsible for causing damage to computers. Therefore, according to Li, the investigation should target the malware itself, and it's not enough to just study the ransom message.
He added that the attack code and domain also should be analyzed to track the source of the malware.
Li said there is no evidence yet showing the hackers of the WannaCry ransomware are from China.
Tian A'meng contributed to this story.