Finally, researchers have found the way to decrypt files encrypted by WannaCry Ransomware. If your PC has been infected by this notorious ransomware, you can now get back your important files without paying the Ransom.
Up to 20% off on Refurbished MobilesBuy Refurbished or Unboxed products on big discounts
Adrien Guinet, a French security researcher from Quarkslab, has discovered a way to get the encryption keys used by the WannaCry ransomware. His method works successfully on Windows XP, Windows 7, Windows Vista, Windows Server 2003 and 2008 operating systems.
Also read: Everything you need to know about WannaCry
Based on his findings, he released a tool named WannaKey that tries to retrieve the two prime numbers used by WannaCry to generate the encryption keys from memory. But this tool is not easy to use because it only pulls prime numbers from the memory of affected computers and one needs to generate the decryption key manually.
Another researcher Benjamin Delpy developed an easy to use too called WanaKiwi that is based on Guinet’s finding but simplifies the process of WannaCry-infected file decryption.
If your system was infected and you can download the WanaKiwi tool from Github and run on your infected computer. This tool works fine on Windows XP, Windows 7, Windows Vista, Windows Server 2003 and 2008.
It may not have 100% success ratio but the tool still helps a lot. Many users can now decrypt their files and avoid paying the ransom. Researchers are trying to find ways to encrypt for other Windows platforms as well.