New WannaCry analysis report by Flashpoint researchers has confirmed that the ransomware has basically originated from China as the Chinese version of the ransom notice seemed to be genuine with correct usage of grammar and punctuation. Furthermore, there have been numerous grammatical errors being pointed out with other language versions including one instance in English as most of them were reportedly Google or machine translated.
According to BBC, it is now evident that only Chinese and English versions of the WannaCry ransom note appeared like human written scripts. However, some messages in English text reportedly used improper phrases such as: "But you have not so enough time."
Meanwhile, the perpetrators involved in WannaCry ransomware are being collectively hunted down by the UK's National Crime Agency, the FBI and Europol as the origin of the hack has now been revealed.
There is still no clue to the whereabouts of the criminals as it was earlier reported that the ransomware might have been originated from North Korea. As the Korean-language scripts in the ransom note appeared to be poorly translated versions of the English text, the Flashpoint researchers have concluded that the criminals did not originate from North Korea.
"It was only really the Chinese and the English versions that appeared to be written by someone that understood the language. The rest appeared to come from Google Translate. Even the Korean," explains Professor Alan Woodward, a cyber-security expert from the University of Surrey.
Quite surprisingly, the perpetrators behind the ransomware have reportedly given up their chase for extorting money (Bitcoin) from the unsuspecting victims, fearing threat from cyber-security watchdogs. Furthermore, some victims have allegedly stopped paying up ransom after initial attempts.