Flashpoint conducted linguistic analyses of ransom notes found within the WannaCry malware to determine the native tongue of the author(s).
Their very interesting analysis suggests Chinese-speaking authors …..
Go to: https://www.flashpoint-intel.com/…/linguistic-analysis-wan…/