A recent report published by BBC news stated that an analysis by research firm Flashpoint suggests Chinese-speaking criminals may have been behind the WannaCry ransomware.
According to the firm, the use of proper grammar and punctuation in only the Chinese versions of the ransom notice indicated that the writer was “native or at least fluent” in Chinese.
The translated versions of the ransom notice appeared to be mostly “machine translated”.
Flaspoint’s report showed that out of the the 28 different notes, only the English version and the two Chinese character versions (Simplified and Traditional) appear to have been written by a human. All 25 other notes appear to have been translated from the English note using Google Translate.
The WannaCry cyber-attack infected more than 200,000 computers in various countries including UK, US, China, Russia, Spain, Italy and Taiwan.
Some earlier analysis of the software had suggested that the ransomware is linked to North Korea.
However, the Flashpoint researchers noted the Korean-language ransom note was a poorly translated version of the English text.
The report highlighted that after analyzing two Chinese ransom notes, they found that they differ substantially from other notes in content, format, and tone.
It also noted that Google Translate fails in both Chinese-English and English-Chinese tests, producing inaccurate results that suggests the Chinese text was likely not have been similarly generated by the English text.
Flashpoint then said that it assesses with high confidence that the author(s) of WannaCry’s ransomware notes are fluent in Chinese, as the language used is consistent with that of Southern China, Hong Kong, Taiwan, or Singapore.
The UK’s National Crime Agency, the FBI and Europol are investigating are currently still running investigations on who was responsible for the ransomware.