Free WannaCry Ransomware Decryption Tool Released

No need to pay ransomware; WannaCry decryption tool is available for free on GitHub

Researchers have finally been able to create a decryptor for the WannaCry ransomware that has affected more than 3,00,000 computers in 150 nations since its attack on computers running the Microsoft Windows operating system last Friday. For those unfamiliar, the WannaCry ransomware cryptoworm encrypts data and demands ransom payments from the infected computers in the Bitcoin cyrptocurrency.

Adrien Guinet, a French security researcher from Quarkslab, has discovered a method for finding the ransomware’s decryption key making use of a flaw in which WannaCry functions, according to The Hacker News.

Basically, WannaCry encryption creates a pair of keys – “public” and “private”. While the ransomware uses prime numbers to generate a “public” key, the “private” key is for encryption and decryption of the system files. WannaCry erases the keys from the system, thus compelling the victim to pay $300 to the cybercriminals.

However, Guinet found out that WannaCry “does not erase the prime numbers from memory before freeing the associated memory.” As a result, it allows a chance to retrieve the prime numbers and hence, generate the private key for decryption.

Using this information, Guinet released a tool called “WannaKey” that recovers the private key used to encrypt files on an infected system, allowing the contents of the files to be decrypted without paying the ransom demanded by WannaCry’s creators. The WannaKey decryption tool is available for free and works on Windows XP operating system.

However, the tool will only work on those affected computer that haven’t been rebooted after the attack or for computers with associated memory that have not been erased or allocated by some other processes, added Guinet.

Based on Guinet’s findings, another security researcher named Benjamin Delpy has created ‘WanaKiwi’, a tool that can unlock WannaCry infected systems. While it is similar to WannaKey in the way it functions, it is however compatible with Windows XP, Vista, 7, Server 2003, and Server 2008, and can run using the command prompt.

Users who are infected by the virus can download WannaKey tool or WannaKiwi tool from GitHub and try it on their affected Windows.

Kavita Iyer
Kavita Iyerhttps://www.techworm.net
An individual, optimist, homemaker, foodie, a die hard cricket fan and most importantly one who believes in Being Human!!!

1 COMMENT

  1. Thanks on your marvelous posting! I really enjoyed reading it, you could be a great author.I will ensure that I bookmark your blog and may come back at some point. I want to encourage one to continue your great posts, have a nice morning!

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Read More

Suggested Post