Emag.co.uk Entertainment News Leader
Security researcher Adrien Guinet claimes to have created a new tool that can bypass WannaCry ransomware saying it can restore infected computers without paying any money to the hackers group.
Guinet added the new tool is designed to take advantage of shortcoming in Windows XP for the decrypting purpose of an infected computer.
He continued the tool has been successful on several other infected Windows XP machines.
However, the tool may not work for all victims like if it is booted after the hack.
He further said, “This software allows to recover the prime numbers of the RSA private key that are used by Wanacry.”
the CryptDestroyKey and CryptReleaseContext does not erase the prime numbers before freeign the associate memory.
More to all these, it is learned the WannaKey does not work on infected Windows 10 machines as the CryptReleaseContext cleans up the memory.
If a user is lucky, the prime numbers may not have been reallocated and erase, and would be still in the memory.
Guinet’s work provides hope to many even if it is not working in several computers including in the machine of another security researcher Matthieu Suiche.
WannaCry is a global threat to computers and the group is demanding a ransom of about $300 to $600 from victims.
Security agencies have strongly suggested victims not to pay the ransom money to the hacking group of ransomware as this will boost up their confidence and also the money would be used in creating more complex hacking procedures.
