WannaCry Ransomware Attack News: No-Ransom Way to Save Locked Files Found by Researchers
As hundreds of thousands of computers around the world came under the grip of the WannaCry ransomware, security analysts have been working around the clock to devise a way to save the files locked up by the malware. French researchers said that they have found a way to unlock files encrypted by WannaCry on Friday, May 19.
After a week since the ransom cyber scheme was first reported to have hit computers and networks around the world, researchers have learned a lot on how the ransomware works and what could be done to recover files locked away by the malware. WannaCry has spread to more than 300,000 computers in more than 150 countries in that span of time, according to Reuters.
The ransomware encrypts important files and threatens to render them unusable if the victim does not pay $300 to $600 within a week. The ransomers are asking for Bitcoin payments.
Security researchers have succeeded in developing a way to unlock the encrypted files. The solution has since been verified by other, independent analysts as effective, but only under certain conditions.
The "Wanakiwi," as the team calls the new tool, works only on computers that have not been restarted since showing the ransom image, and only for files that have not been locked permanently by WannaCry after a week.
Matthieu Suiche, one of the collaborators working on the remedy, described the situation. "This is not a perfect solution," Suiche noted, given the limited set of conditions that "Wanakiwi" need in order to work. "But this is so far the only workable solution to help enterprises to recover their files if they have been infected and have no back-ups," Suiche added.
"Wanakiwi" has been demonstrated to be effective for various versions of the Windows Operating System, including Windows 7. According to data compiled by antivirus developer Kaspersky, an estimated 98 percent of computers crippled by "WannaCry" are still running a variant of Windows 7, especially the 64-bit version of the OS.