Oct 22, 2024
COLUMBUS, Ohio (WCMH) -- A Chinese hacking group that received attention after a worldwide ransomware attack also happened to net a nickname more commonly associated with Ohio.

APT3, also known as Buckeye, received attention in 2017 after researchers found the group was hacking Windows computers with exploits leaked from the NSA. In May of that year, the vulnerability would come into play in the international WannaCry ransomware attack. The malware locked down any computer it successfully infected, and demanded payment in bitcoin while spreading to other devices in the local network. The attack crippled around 300,000 computers in 150 countries and shut down hospitals in some of the worst cases, according to the U.S. Department of Homeland Security.

Buckeye -- a group thought to be sponsored by the Chinese military -- was never directly accused in the WannaCry incident. But the U.S. Department of Justice did indict three of Buckeye's members for breaking into multiple American companies' computer networks and stealing their data.

While the charges against Buckeye members and the related WannaCry ransomware attack received attention, no outlets appeared to ever look into where Buckeye got its name. The hackers share the term with Ohio State University's athletic teams, and the nut from the buckeye tree -- common in the state when settlers arrived in the 1700s -- which became Ohio's alter ego.

In this file photo, a laptop displays a message after being infected by ransomware as part of a worldwide cyberattack on June 27, 2017 in Geldrop. (Photo by Rob Engelaar/ANP/AFP via Getty Images)

Shawn Waldman, an expert and owner of SecureCyber, explained the meaning behind Buckeye's more formal name: APT3.

"APT stands for advanced persistent threat," Waldman said. "Generally, threat actors get an APT name, and those designated numbers come generally from either the U.S. government, federal entities like maybe the NSA or the CIA, or CISA," Waldman said.

Going beyond the acronym, Waldman said that some hacking groups give themselves a nickname -- like Rhysida, who attacked the City of Columbus in July -- or the company or government agency that researches them comes up with one.

"Also, a lot of these threat actors spin up and collapse and split into other splinter groups, and then they'll get a lot of attention from federal authorities, and it'll cause them to kind of disappear," Waldman said. "And then they'll kind of rebrand and reappear as a different name."

NBC4 also reached out to the FBI's Cincinnati office for more information about Buckeye and its name's origins. A member of the federal agency suggested contacting Symantec, the antivirus software developer under Broadcom that took credit for researching the Buckeye hackers. But when NBC4 asked a representative of Symantec's Threat Hunter Team about the codename, they explained that hackers sharing the word Buckeye with Ohio was a coincidence.

"It is an insect name -- a type of butterfly and not a reference to the tree," the representative wrote. "The Symantec Threat Hunter Team at Broadcom has a large list of random insect names and when they come across a new group, they just randomly assign them an unused insect name."

Buckeye -- which Symantec believes stopped operating as a group halfway through 2017 -- does share some similarities with the hackers that wreaked havoc on Columbus. Investigators believe Rhysida is also based overseas, but haven't publicly narrowed their location down to a country, as with Buckeye. And while Symantec reported Buckeye quietly snuck into the networks of U.S. companies for espionage, Rhysida broke into the local government's servers for a more public attack.

After Rhysida made off with terabytes of sensitive data, the City of Columbus claimed it stopped the hackers from encrypting its systems in a ransomware attack. Rhysida then held an auction on the dark web seeking 30 bitcoin, or over $2 million. When they failed to attract a starting bid, the group leaked 3.1 terabytes of data for anyone to download. Buckeye, on the other hand, wasn't known by Symantec for deploying ransomware, or publicly auctioning or leaking what it stole.