Sunday, 21 May 2017

Don’t cry: Free WannaCry decryption tools released online.


No need to pay ransomware; WannaCry decryption tool is available for free on GitHub
WannaCry decryption tool is available for free and it can be used to save data on computers infected by the ransomware

Researchers have finally been able to create a decryptor for the WannaCry ransomware that has affected more than 3,00,000 computers in 150 nations since its attack on computers running the Microsoft Windows operating system last Friday. For those unfamiliar, the WannaCry ransomware cryptoworm encrypts data and demands ransom payments from the infected computers in the Bitcoin cyrptocurrency.

The cyberattack affected computer networks in over 150 countries including Britain, Spain, Japan, Indonesia, Taiwan to name a few.  According to reports, it has infected over 300,000 computers in the world, and this is widely seen as the biggest cyberattack in the world.

Basically, WannaCry encryption creates a pair of keys – “public” and “private”. While the ransomware uses prime numbers to generate a “public” key, the “private” key is for encryption and decryption of the system files. WannaCry erases the keys from the system, thus compelling the victim to pay $300 to the cybercriminals.

However, Guinet found out that WannaCry “does not erase the prime numbers from memory before freeing the associated memory.” As a result, it allows a chance to retrieve the prime numbers and hence, generate the private key for decryption.

Using this information, Guinet released a tool called “WannaKey” that recovers the private key used to encrypt files on an infected system, allowing the contents of the files to be decrypted without paying the ransom demanded by WannaCry’s creators. The WannaKey decryption tool is available for free and works on Windows XP operating system.

Users who are infected by the virus can download WannaKey tool or WannaKiwi tool from GitHub and try it on their affected Windows.


Post a Comment