According to a leaked insider report written by the American intelligence agency NSA, North Korea seems to be the primary suspect regarding the worldwide ransomware attack of last month.

The now infamous program Wannacry was supposedly used to generate extra cash flow for the financial reserves of the North Korean regime, says the NSA. A salient detail to the story is the now known origin for the exploit used by the Wannacry program to gain acces to outside system, which is the database of the NSA itself.

According to the insider report several Chinese IP-adresses were used to conduct the attack last month. These aforementioned addresses were already known to have been used by hackers working for the North Korean government. The regime most likely funded an external group of hackers to conduct the attack worldwide.

Unfortunately for the attackers agencies such as the NSA could easily follow the money generated from Wannacry, because only three different locations to store the Bitcoins from victims were used. Other ransomware programs would normally create a different location of money storage per victim. However, Wannacry limited itself to only a couple of easily located treasuries. The total amount was estimated at around 115.000 euros and has not been collected by the hackers as of yet.

Any damning evidence to implicate the North Koreans remains to be found, but this report comes on top of several allegations in the past which all implicate the Asian regime of being the culprit behind the worldwide ransomware attack of last month.