It’s more than a week since this ransomware started causing depression among the internet users. Now another researcher, Adrien Guinet has found a cure to fix a computer affected by Wannacry ransomware. Well, the fix only works on computers running Windows XP.
Researcher Open Sources WannaKey Tool That Cracks WanaCrypt0r Encryption
Earlier this year the hacking group ‘The Shadow Brokers’ decided to give away the hacking tools that were stolen from the NSA for free. Well, the tools can be used to hack computers running on Microsoft Windows.
The malicious software WanaCryptor 2.0 which is also known as WCry is now being used to carry out one of the biggest ransomware attacks of its kind. Visit this link to know everything about WanaCrypt0r Ransomware.
Well, it’s more than a week since this ransomware started causing depression among the internet users. However, it looks like security researchers are coming up with fixes for the Wannacry ransomware.
Previously, we have seen a 22-year-old researcher from @Malware TechBlog had discovered a ‘kill switch’ that can disable all the functionality of the Wanacrypt0r 2.0 ransomware.
Now another researcher, Adrien Guinet has found a cure to fix a computer affected by Wannacry ransomware. Well, the fix only works on computers running Windows XP. Adrien Guinet managed to find the prime numbers that constitute the RSA private key used by WannaCry ransomware to crack the encryption.
I got to finish the full decryption process, but I confirm that, in this case, the private key can recovered on an XP system #wannacry!! pic.twitter.com/QiB3Q1NYpS
— Adrien Guinet (@adriengnt) May 18, 2017
Adrien Guinet has uploaded the tool which he is calling WannaKey on his GitHub repo. He explained the process to gain access to the private keys. The researcher wrote on GitHub “In order to work, your computer must not have been rebooted after being infected”
“Please also note that you need some luck for this to work and so it might not work in every cases!”
The researcher said that the after encrypting the files, the private key are stored in the memory and are often left undeleted. This is where the luck will play a key role, a user should hope that the associated memory isn’t reallocated and erased so that the prime numbers belonging to the key can be recovered.
The reason why Adrien Guinet has open sourced the tool is because he hoped that other researchers might come up with a solution for other versions of Windows. So, what do you think about this? Share your views in the comment box below.