Searching for smart, safe news you can TRUST?
Support safe, smart, REAL journalism. Sign up for our Axios AM & PM newsletters and get smarter, faster.
Searching for smart, safe news you can TRUST?
Support safe, smart, REAL journalism. Sign up for our Axios AM & PM newsletters and get smarter, faster.
Denver news in your inbox
Catch up on the most important stories affecting your hometown with Axios Denver
Des Moines news in your inbox
Catch up on the most important stories affecting your hometown with Axios Des Moines
Minneapolis-St. Paul news in your inbox
Catch up on the most important stories affecting your hometown with Axios Minneapolis-St. Paul
Tampa-St. Petersburg news in your inbox
Catch up on the most important stories affecting your hometown with Axios Tampa-St. Petersburg
Computer hacked by a virus. Photo: Donat Sorokin\TASS via Getty Images
McAfee assesses that the ransomware attacks that hobbled the distribution of the Los Angeles Times and other Tribune papers in late December were carried out by a criminal group, not a nation, as the Times itself had reported.
The intrigue: Attackers used Ryuk ransomware, a variant of Hermes ransomware that has been used by the North Korean Kim Jong-un regime to funnel cash to the nation. But McAfee notes that Ryuk and Hermes have each been offered commercially on a Russian hacker forum, which appears to be the source of recent infections. That doesn't mean it's impossible for North Korea to be behind the Tribune attacks, but Ryuk's use alone doesn't strongly suggest the attack was from North Korea.