Researchers build WannaCry decryption tools for Windows XP
Less than a week after the WannaCry ransomware rapidly spread across the world, a French security researcher released a tool on Thursday that gives Windows XP users a chance to decrypt and save their files from oblivion.
Adrien Guinet created WannaKey that generates an RSA private key which can be used in combination with WanaFork to decrypt the files. It requires a bit of luck — that the memory hasn’t been reallocated and erased — but can be a potential file saver for those who meet the requirements. Make sure to read the program’s instructions and warnings closely before usage.
Windows XP, a 16-year-old officially unsupported operating system still in wide use around the world, was hit hard by WannaCry because the malware utilized exploits that had been patched months prior on supported operating systems like Windows 10. Shortly after WannaCry began to spread, Microsoft issued a Windows XP patch to prevent further damage.
Any solutions that come down the pipe are too late for at least some victims. Close surveillance of several bitcoin wallets associated with the WannaCry ransomware shows over $80,000 in ransom has been paid from nearly 300 victims. That’s an infinitesimal fraction of the reported 300,000 infected machines in 150 countries. It’s not clear that accounts for all the money paid in WannaCry ransom so far.
What is clear, however, is that it’s going to be extremely difficult for the hackers to move and use the money because it’s attracted so much attention from law enforcement and just about every cybersecurity company on the planet. Bitcoin’s public blockchain is ripe for surveillance if and when the hackers move the money.
Despite the widespread demand for a decrpytor, there is no panacea available for what was quickly now recognized as the most damaging ransomware attack in history.