News

Developer creates WannaCry decryptor for Windows XP

By admin
Spread the love

A French security researcher has developed software that allows Windows XP users to decrypt the WannaCry ransomware. There are, however, some limitations in terms of usability.

Security researcher Adrien Guinet from Quarkslab discovered that the prime numbers that WannaCry uses to generate the rsa key are retrievable in memory. WannaCry uses this key to encrypt files. Guinet developed the WannaKey tool to extract prime numbers from memory so that users can unencrypt without paying.

However, the effect is limited. For example, WannaKey only works with Windows XP. With the other vulnerable Windows versions, WannaCry cleans up the prime numbers from memory neatly. The tool does not seem to work in all circumstances. For example, Matt Suiche, security researcher at Comae Technologies, didn’t get the tool working.

Furthermore, Guinet itself emphasizes that systems should not have had a reboot and that users should be lucky that the memory has not been reallocated or wiped for other reasons. The biggest obstacle to actual deployment at the moment is that the WannaCry attack has not hit Windows XP systems so far struck. The ransomware does run on XP, but the worm did not target the OS. WannaKey could be of service in the event of possible attacks in the future.

You might also like
News

Rumor: Apple is working on its own applications based on a large language model

News

EU Council determines position on security requirements for digital products

News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

Eurostar starts check-in with facial recognition at train stations in London

News

Nvidia releases GeForce RTX 4060 Ti variant with 16GB memory