Also ontsleutelingsprogramma for WannaCry on Windows 7
The French beveiligingsonderzoeker Benjamin Delpy has found a way to ransomware WannaCry on Windows 7 to be able to decrypt them.
Delpy got the idea of beveiligingsonderzoeker Adrien Guinet, that Thursday, software published to WannaCry on Windows XP to be able to decrypt them. That says Delpy on Twitter.
The so-called wanakiwi of Delpy looks like Guinets WannaKey to share a secret key on the computer left behind. WannaCry releases data on computers, making them no longer accessible. Only if there is an amount of money paid out, it promises to be the attacker’s computer to decrypt with a secret key.
With that secret key, the files are also encrypted if the malware is installed. The key would be after installation must be removed, but that is not always the case. Sometimes there are parts on the back of the computer. With those parts, it is possible to discover what the secret key is and the files to decrypt them.
To get the software to work may be affected by their users system does not reboot. As a result the share of the secret key still out of the system disappear. Incidentally, it appears that the parts not always on the system to be left behind. The software works not always.
Wanakiwi was tested by beveiligingsonderzoeker Matt Suiche. According to him, works the software on Windows 7, Server 2003, Server 2008, and Windows XP.
According to research from security company BitSight, the vast majority of the computers used by the ransomware attack hit were from Windows 7. Windows 10, the newest version of the operating system, accounted for 15 percent of the victims. There is, as yet, not found a way to access files on Windows 10 to unlock.
The attack with WannaCry began on Friday, may 12, when several companies in Spain and hospitals in Britain were victims. Soon there are reports from more countries. More than 200,000 companies in 150 countries were eventually infected. In the Netherlands, among others, were Q-Park and the klachtenwebsite of the National Action Committee Students (LAKS) for the victim.
What we know about the ransomware WannaCry