When a Google researcher first highlighted similarities between code in one version of the WannaCry ransomware and code previously used by Lazarus, Symantec said the connection appeared "weak" and security sources rated the chances of North Korean involvement as "slim to none".
Rather than being a nation-state campaign, it said, it looked more like a "typical" cyber-crime campaign that sought to enrich its operators.
Researchers from security firm Symantec gave additional evidence which supplements the case that the ransomware bug WCry is closely linked to Lazarus Group.
Speaking at a press conference, Kim In Ryong, North Korea's deputy ambassador to the United Nations, called the allegations ridiculous and unfounded.
While pointing out that the "attribution to North Korea is premature and likely false", the researcher at the Institute for Critical Infrastructure Technology (ICIT) believes that this could very well be the work of script kiddies - hackers who borrow malicious scripts from other attacks to execute one on their own.
Trump willing to engage North Korea: Seoul
It stressed the importance of North Korea "immediately showing honest commitment to denuclearization through concrete action". North Korea claims the missile is a new medium-long range ballistic rocket capable of carrying a heavy nuclear warhead.
In November 2014, for just one example, Sony Pictures Entertainment became the target of the biggest cyberattack in United States corporate history just before its release of the critically panned racial-caricature comedy "The Interview", which takes North Korea as its setting.
Thakur said, Lazarus Group members could have been moonlighting to make extra money, or they could have left government service, or they could have been contractors without direct obligations to serve only the state.
The most effective version of WannaCry spread by using a flaw in Microsoft's Windows and a program that took advantage of it that had been used by the US National Security Agency, officials said privately.
However, KasperskyLab experts fell short of naming North Korea an actual perpetrator, citing lack of evidence.
For example, early versions of WannaCry had a bug in the code that prevented victims from paying the ransom. Additional fingerprints linked Lazarus Group to hacks that wiped nearly a terabyte's worth of data from Sony Pictures and siphoned a reported £57 million from the Bangladesh Central Bank previous year.
The cyber security expert said that it was a less likely scenario for the attack to create chaos by spreading WannaCry.
Finally, researchers discovered that Backdoor.Contopee (more malware linked to Lazarus) contains code that has been found in WannaCry.