A security company in the U.S. has provided further evidence that last year’s devastating hacking attack on Sony Pictures Entertainment was carried out by a group with ties to North Korea.
Security firm CrowdStrike is among those who believe North Korea was the culprit, and on Tuesday it presented another piece of evidence to support that claim.
CrowdStrike said it found similarities between the malware used against Sony and a piece of destructive code deployed in 2013 by a group it calls Silent Chollima, which has already been linked to several attacks on South Korea and the U.S.
Parts of the code used in each attack are almost identical in their structure and functionality, CrowdStrike CTO Dmitri Alperovitch said during a webcast Tuesday in which he described how the Sony attack was carried out. The malware used in both attacks contains the same typographical error in the same place, spelling “security” as “secruity.”
The group that claimed responsibility for attacking Sony calls itself Guardians of Peace. Silent Chollima often uses different names during different attacks and may have done the same with Sony.