[cm2187]

One thing that strikes me with this malware is that it hits pretty much every single country. Don't hackers try to follow the proverbial "don't shit where you eat" proverb? They have nowhere to hide if they are identified now.

[4lch3m1st]

Last time I checked, hackers used to follow the "lulz" principle. However some follow the money principle, which can be stolen from anyone.

[hugh4life]

I don't know anything special that leads to this conclusion, but let's pretend that Russia is not only shadowbrokers(and I don't know that) but that this ransomware was also released by Russian government(I really don't know that...)?

In that thought experiment, what could be the possible reason for attacking themselves so hard? Well, to give themselves more plausible deniability(and the whole attack would be done as an attempt to discredit the NSA)... but also to justify an agenda of technological sovereignty. Russia is in a tug of war with American corporations over where data is stored and they've even blocked the Microsoft owned linkdin. It's impossible to find an alternative to Windows(considering Russia is such a big PC gaming country), but who knows in 10-15 years.

[flukus]

You're assuming it was released on purpose and worked on the intended scale, I'm not sure either are true.

[muricula]

This malware was first released as part of a massive spam campaign, and then from there wormed its way onto other systems. It was definitely released on purpose.

[flukus]

Has any of that been confirmed? I thought patient zero's were still mostly speculation.

[muricula]

I don't have a citation I can point you towards, just the word of a coworker who's a malware researcher, sorry.