Those affected by the WannaCry virus now number in the hundreds of thousands . Last week, a virus known as WannaCry jeopardized the security of thousands of companies worldwide. The most curious thing of all is that the attack began in Spain. And specifically at the headquarters of Telefónica.
In the last days there have been several solutions published. But the truth is that the results have not been entirely good. Some users have wanted to try them, but they have not worked well. And they continue with the hijacked computer files. Unless they have paid the 300 Bitcoin requested by the criminals.
Now a security expert seems to have found the remedy for all ills. It could be the most effective WannaCry solution . Although, it must be said, it might not be valid for the common of affected users.
It could be the solution to WannaCry
First of all, we must remind readers that WannaCry is a ransomware attack. What does this mean? Well, the cybercriminals' technique involves hijacking the computer and asking for a ransom in return . The victim has to provide it before a certain deadline. Otherwise, you will lose all the stolen information.
This is especially worrying in the case of companies and corporations that, like Telefónica, have confidential information on their computers. Remembering the nature of WannaCry, we must bear in mind that users who have already been attacked (or victims of the famous hijacking) have a much more difficult time expelling this virus from their computers .
#New! Partial solution to decrypt #WannaCry infected files. Don't reboot machine & try it w / following instructions: //t.co/6Hbo14B00o
- EC3 (@ EC3Europol) May 19, 2017
How does WanaKiwi work?
Is it really effective? The tool in question comes from the hand of Benjamin Delpy (also known as gentilkiwi), a security expert. The proposed solution will work on your computer as long as you haven't restarted it.
Actually, the solution is based on a previous solution called WannaKey, whose author was Adrien Guinet. It is compatible with both Windows XP and up to Windows 7 .
The operation is as follows: the tool searches the memory of the computer for the prime numbers that are the basis of the encryption. That is why it is so important not to restart your computer. When it restarts, this data is deleted.
What the tool does next is use them to generate keys and unlock the encrypted files. When WannaCry lands on computers, it generates an unlock key. It remains hidden in memory until the computer restarts . Hence, it is so important not to have restarted the computer before applying this possible solution.
So far, the Europol Cybercrime Center has tested it and has obtained satisfactory results. This has been communicated through his Twitter account.
How to download WannaKiwi?
Obviously, WannaKiwi will not be a useful tool for all infected computers. In fact, we could already discard the computers that have been rebooted. And these may be a vast majority. Not in vain, the most likely thing is that to try to correct the problem, the first thing you have done is restart the computer .
Be that as it may, if you suspect that you have been infected by WannaCry, there is always time to try. WannaKiwi can be downloaded for free from GitHub. Download the program and give it a try to try to decrypt your computer and try to recover the hijacked files.