French researchers find last-ditch cure to unlock WannaCry files

Share

As the WannaCry ransomware campaign stretches on into its second week, researchers have had more and more success developing tools to help users decrypt the files on infected PCs.

If the tool can't find WannaCry, it may be possible to manually identify the offending process by opening the Task Manager.

Just over a week ago thousands of computers around the world were infected by the ransomware WannaCry or WannaCrypt, able to hijack the files of up to 220,000 computers from large companies asking for an economic rescue in exchange for free their data. The Windows XP count, on the other hand, was "insignificant", the researchers said.

Suiche worked to develop the tool with security researcher Adrien Guinet and Benjamin Delpy, who put in hours outside of his day job at the Banque de France.

The newly created software in fact tries to recover the prime numbers of the RSA private key which is used by the WannaCry.

However, Guinet found out that WannaCry "does not erase the prime numbers from memory before freeing the associated memory". As per a NDTV report, WannaCry was stopped in its tracks by a British researcher, but it did infect almost 2 lakh computers worldwide.

"For systems that have been attacked, tools have been developed to unlock the files locked by this ransomware - the WannaDecrpyt or Wannakey".

What Kaspersky's findings also show is the importance of keeping your operating system fully patched and up to date - Microsoft pushed out a fix for WannaCrypt to Windows 7 users back in March. Delpy added that so far, banking, energy and some government intelligence agencies from several European countries and India had contacted him regarding the fix.

An employee of French carmaker Renault walks into the Renault George-Besse factory of Douai on Monday, where production has been stopped since Renault was hit by the global cyberattack effecting more than 150 countries.

"The infection wave is far from being over", he wrote.

The statistic seems now obvious as well considering how incredibly popular Windows 7 is especially among corporate organizations.

Some experts said the attack might have been built to exploit a weakness in Microsoft systems that had been identified by the NSA and given the name EternalBlue.

Earlier this year, Microsoft announced that it will continue to support Windows 7 until 2020, however, Markus Nitschke, Head of Windows at Microsoft Germany previously warned users, particularly business owners, of the dangers of using the operating system. "The code is capable of targeting vulnerable machine by IP address and attempting exploitation via SMB port 445".

Share

Advertisement

Related Posts

Syria: Showdown In Raqqa To Begin In June
The U.S. military uses the Incirlik Air Base in southern Turkey for attacks on IS positions in neighboring Syria. Senator Joni Ernst is applauding the Trump Administration's decision to arm Kurdish fighters in Syria.

Nashville Predators favored to win Stanley Cup
With the goalie off again, Cam Fowler scored on Anaheim's next shot 35 second later, making it a one-goal game with 2:45 to play. If you ask me, Salomaki should be out there, and the way Harry Z has been playing he deserves to be out there too.

Pablo Zabaleta aims parting dig at United in farewell speech
Manchester City's Leroy Sane in action with West Bromwich Albion's Nacer Chadli at Etihad Stadium , Manchester on May 16, 2017 . Dropping or drawing this game to the Baggies could cost them their UCL chances, so expect City to leave nothing on the field.

Google's Android Go phones might arrive in India by Diwali
Facebook Inc. tried a similar app-curation strategy picking a suite of services to "zero-rate", or subsidize the data charge. Given this flexibility, as little as $100 might be all it takes to have access to the latest features and security updates.

Impeachment of a USA president: how it works
He said during a news conference that "we are prepared to go there and explain our point of view to Congress if necessary". Part of the trouble for the Trump White House isn't just the "size and scale" of Watergate, but the eerie similarities.

Rinne's rare off-night gives Ducks life in Western Conference Final
Vatanen finally converted for Anaheim , doing so in the first period after the Predators jumped out to an early 2-0 lead. It also ended an 0-for-20 drought on power plays in the last seven games for Anaheim .

Manu Ginobili talks about possible retirement before Spurs-Warriors Game 4
Leonard landed on Pachulia's foot and the Spurs star re-injured his ankle and has not returned to play in the playoffs. LaMarcus Aldridge had 18 points and five rebounds to lead the Spurs while Manu Ginobili added 21 points off the bench.

It is happening, again - Twin Peaks returns
The first season of the series revolved around the investigation into the murder of Laura Palmer, played by Sheryl Lee . Twin Peaks is now, as it was then, the iconic suburban soap opera Peyton Place but reflected like a film negative.

Sturgeon: Tories plan to "sacrifice" of Scottish economy to win Ukip vote
Meanwhile polls have warned that Labour, which won a majority in four councils five years ago, could be facing "heavy losses". The second reason the SNP will welcome talk of a Tory surge this weekend is that it suits their ends.

Cyber-attack may spark lawsuits but Microsoft is well-protected
Then there's the US government, whose Windows hacking tools were leaked to the internet and got into the hands of cybercriminals. The Reserve Bank of India, however, said a Windows security update could prevent and protect the institutions from any breaches.

© 2015 Stump Report. All Rights reserved.