WannaCry, the biggest ransomware attack in history, rapidly gained prominence in media around the world after the ransomware infected more than 300,000 computers in over 150 countries within just 72 hours.
Governments, intelligence agencies and law enforcement around the world have already started their investigations and are working closely with affected companies to track down the hackers responsible for the global cyber attack launched on Friday, 12th May.
Some researchers traced WannaCry back to a state-sponsored hacking group in North Korea, while others believed the perpetrators might be Chinese.
If you have been following WannaCry coverage on The Hacker News, you should be aware that the WannaCry ransomware uses a Tor hidden service to communicate with its command-and-control server.
Just yesterday, we came to know that French authorities, while investigating the WannaCry incident, had seized at least 6 Tor entry guard node servers hosted on France-based hosting providers, just two days after the outbreak of the ransomware attack.
On 15th May, a French hacktivist, who uses the online moniker ‘Aeris,’ informed the Tor community that officials from the Central Office for Combating Crime Related to Information and Communication Technologies (OCLCTIC) raided the Online.net hosting provider and seized his “kitten1” and “kitten2” (torguard and fallback directory) servers on 14th May.