WannaCry written by Chinese speakers: Flashpoint

Flashpoint linguists think the authors of WannaCry were native Chinese speakers

Taiwan News
Date: 2017/05/27
By: Keoni Everington, Taiwan News, Staff Writer

TAIPEI (Taiwan News) — Linguists at the dark web intelligence firm Flashpoint say the

Image of Chinese language ransom note sent by WannaCry malware. (Image from Kaspersky Lab)

Mandarin Chinese version of the ransom message sent by the WannaCry malware program was the only one composed by native speakers, indicating that it may have been made in China, not North Korea as previously suspected by antivirus company Symantec.

Flashpoint’s linguists analyzed ransom notes generated by WannaCry in 28 languages from Bulgarian to Vietnamese, and found that all had been generated by Google Translate, with the exception of English and Simplified and Traditional Chinese. However, the English message had grammatical errors indicating it was written by a non-native English speaker.

The Chinese messages, on the other hand, were composed at a native level and differed substantially from the other notes (including the English version) in content, format, tone, and length.

There are a number telltale traits in the ransom note that correspond to a native Chinese speaker. The typo “帮组” (bangzu) instead of “帮助” (bangzhu) meaning “help,” indicates that it was written with a Chinese-language input system that possibly involved keying in the mainland Chinese romanization system Pinyin, as the typo appears to result from failing to input the letter “h.”    [FULL  STORY]