There is a chance that someone borrowed the code, whether out of convenience or as an attempt to throw investigators off the scent. However, experts at Kaspersky argue that a deliberate plant is "improbable" given that the similar code was removed later on. And besides, the presence of kill switches in both original and modified versions of WannaCry supports the notion that these are state-sponsored hackers. As FOX-IT's Maarten van Danzig explains to Ars Technica, run-of-the-mill criminals rarely include failsafe measures like this -- why would they want to stop the money from pouring in? Moreover, the malware doesn't even bother to automatically check whether or not victims have paid up. If profit was really the motive, the code was exceptionally sloppy.

It's going to take much more research before experts can pin down WannaCry's origins, assuming that's possible. You certainly won't get a confession from North Korea even if there's smoking gun evidence of its involvement. However, what's here at least gives investigators a starting point.

Update (5/22): Kim In Ryong, North Korea's deputy ambassador to the United Nations, has branded the claim that North Korea is linked to the WannaCry ransomware as "ridiculous." Speaking at a press conference, he said: "Whenever something strange happens, it is the stereotype way of the United States and the hostile forces that kick off noisy anti-DPRK campaign deliberately linking with DPRK (Democratic People's Republic of Korea)."