How to Recover Files Infected with WannaCry RansomWare

By on
Security firm releases WannaCry patch

The past couple of weeks have been quite an annoying episode for Windows users. Hundreds of thousands of systems were infected by a ransomware that encrypts all the files on an infected system. WannaCry is the latest ransomware that has wreaked havoc to systems that are mostly running on Windows XP and 7.

At the moment, the solution is still far from being released although Microsoft has already released a patch for the said issue prior to the outbreak. Fortunately, for those who haven’t rebooted their systems since the infection, there is a solution at hand.

Security researcher Benjamin Delphy released a solution to WannaCry ransomware that can help Windows XP and 7 users, especially those who have not rebooted their systems yet. The program, wanakiwi, scours the entire system memory for any prime numbers. These prime numbers are then used to generate unlock keys that will decrypt all the files in the system.

It is important to note that this solution only works for systems that have not been rebooted since the infection. This is mainly because the program relies on the current data in the memory to generate decryption keys.

Security firm releases WannaCry patch

System infected by ransomware (via webhostingtalk.com)

WannaCry is the biggest ransomware that has affected millions of systems running on Windows XP and 7. The team of hackers, who goes by the name The Shadow Brokers, require users of infected systems to pay an equivalent of $300 in bitcoin and a deadline of one week. After paying, the team then sends the decryption key.

Prior to the outbreak, Microsoft has released a patch for the vulnerability exploit. However, systems that have deactivated automatic update were hit the most.

The hackers responsible for the ransomware took the idea from the leaked hack from the National Security Agency. Since then, clones of the said hack, including WannaCry, have been infecting various systems while security researched try and block them.

So far, it has infected more than 300,000 systems across 150 countries. The UK’s National Health Service was hit the most and eventually rendered the entire system inaccessible for some time.

For more tech updates, be sure to check us out at TheBitbag.

Also read: iOS 10.3 Jailbreak Is Still Possible but Release Uncertain

About the author

To Top