WannaCry Can Be Defeated With WannaKey Software Without Ransom Paying

May 19, 2017 8:25 pm0 commentsViews: 67

There’s an answer to WannaCry. The ransomware guys would now be offended as a security researcher claims you don’t need to pay any money to recover your files if your computer is hacked.

Adrien Guinet said Friday a tool named WannaKey has been developed to help in the decrypting of files from an infected machine.

He adds the tool takes advantage of the shortcoming in Windows XP.

However, he warns the method may not work for all the victimsn and one of the primary reasons is that if the machine was rebooted after the attack.

The newly created software in fact tries to recover the prime numbers of the RSA private key which is used by the WannaCry.

Explaining further in details on GitHub he adds, “The main issue is that the CryptDestroyKey and CryptReleaseContext does not erase the prime numbers from memory before freeing the associated memory. This is not really a mistake from the ransomware authors, as they properly use the Windows Crypto API. It can work under Windows XP because, in this version, CryptReleaseContext does not do the cleanup.”

Guinet also said the software may not work on machines running on Windows 10 as the prime numbers are deleted there.

Besides all these there is now hope you don’t need to pay ransom to WannaCry hackers if you are lucky.

Tags:
Loading...

Leave a Reply