Free WannaCry Ransomware Decryption Tool Released
Researchers have finally been able to create a decryptor for the WannaCry ransomware that has affected more than 3,00,000 computers in 150 nations since its attack on computers running the Microsoft Windows operating system last Friday. For those unfamiliar, the WannaCry ransomware cryptoworm encrypts data and demands ransom payments from the infected computers in the Bitcoin cyrptocurrency.
Adrien Guinet, a French security researcher from Quarkslab, has discovered a method for finding the ransomware’s decryption key making use of a flaw in which WannaCry functions, according to The Hacker News.
Basically, WannaCry encryption creates a pair of keys – “public” and “private”. While the ransomware uses prime numbers to generate a “public” key, the “private” key is for encryption and decryption of the system files. WannaCry erases the keys from the system, thus compelling the victim to pay $300 to the cybercriminals.
However, the tool will only work on those affected computer that haven’t been rebooted after the attack or for computers with associated memory that have not been erased or allocated by some other processes, added Guinet.
Based on Guinet’s findings, another security researcher named Benjamin Delpy has created ‘WanaKiwi’, a tool that can unlock WannaCry infected systems. While it is similar to WannaKey in the way it functions, it is however compatible with Windows XP, Vista, 7, Server 2003, and Server 2008, and can run using the command prompt.
Source | techworm