Wanawiki unlocks WannaCry ransomware without ransom payments | Digitalbog

Header Ads

Wanawiki unlocks WannaCry ransomware without ransom payments

Wanakiwi to the rescue! As a follow up to the recently published post on Ransomware, French researchers on Friday announced that they had found a last resort for technicians to save Windows files encrypted by WannaCry using Wanakiwi tool, racing against a deadline as the ransomware threatens to start locking up victims' computers first infected a week ago.
Wanawiki works by sniffing out the prime numbers used by the ransomware to reconstruct the key used to encrypt your PC. Once the wanawiki tool is run, the software can basically generate the key, and the tool will then unlock the encypted files.
                          French researchers unlock WannaCry

WannaCry, which started to sweep round the globe last Friday and has infected more than 300,000 computers in 150 nations, threatens to lock out victims who have not paid a sum of $300 to $600 within one week of infection.                                
                         wannacry-ransom-payments

A set of security researchers scattered across the globe said they had collaborated to develop a workaround to unlock the encryption key for files hit in the global attack, which several independent security researchers have confirmed.

The researchers cautioned that their solution only works in certain conditions:
·        If computers had not been rebooted since becoming infected.
·        If victims applied the fix before WannaCry carried out its threat to lock their files permanently.

·        It needs to be run as soon as possible, because the prime numbers the ransomware uses may be overwritten over time.

Europol said on Twitter that its European Cybercrime Centre had tested the team's new tool, and said it was "found to recover data in some circumstances".The group includes Adrien Guinet, who works as a security expert, Matthieu Suiche, who is an internationally known hacker, and Benjamin Delpy, who helped out by night, in his spare time, outside his day job at the Banque de France."We knew we must go fast because, as time passes, there is less chance to recover," Delpy said after a second sleepless night of work this week allowed him to release a workable way to decrypt WannaCry at 6 am Paris time (0400 GMT) on Friday.

Delpy calls his free tool for decrypting infected computers without paying ransom "wanakiwi".
Suiche published a blog with technical details summarizing what the group of passing online acquaintances has built and is racing to share with technical staff at organizations infected by WannaCry.
Wanakiwi was quickly tested and shown to work on Windows 7 and older Windows versions XP and 2003, Suiche said, adding that he believed the hastily developed fix also works with Windows 2008 and Vista, meaning the entire universe of affected PCs."(The method) should work with any operating system from XP to Win7," Suiche told Reuters, via direct message on Twitter.

Delpy added that so far, banking, energy and some government intelligence agencies from several European countries and India had contacted him regarding the fix. As of Wednesday, half of all internet addresses corrupted globally by WannaCry were located in China and Russia, with 30 and 20 percent of infections, respectively, according to data supplied by threat intelligence firm Kryptos Logic.By contrast, the United States accounts for 7 percent of WannaCry infections while Britain, France and Germany each represent just 2 percent of worldwide attacks, Kryptos said.

Only 309 transactions worth around $94,000 appear to have been paid into WannaCry blackmail accounts by Friday (1345 GMT), 7 days after the attack began.(Reuters graphic)

That's just under one in 1,000 of the estimated victims.This may reflect a variety of factors, security experts say, including scepticism that attackers will honor their promises or the possibility that organizations have back-up storage plans allowing them to recover their data without paying ransom.


Where Can I Download it?

You can download  Wanakiwi HERE.

No comments