Wcry, now available on Windows XP
The tool is called Wcry and it plucks the key right out of the affected system’s memory. This solution is currently available for Windows XP and only when the PC in question hasn’t been rebooted or its memory overwritten. Wcry was developed by Adrien Guinet, a French researcher, who posted the solution on GitHub for free.
How it works
According to Guinet, the software has only been tested under Windows XP and it runs perfectly. The note found next to the app also reads that “in order to work, your computer must not have been rebooted after being infected. Please also note that you need some luck for this to work (see below), and so it might not work in every case!” In Windows XP, there is a flaw which prevents the erasure of the keys from the memory and this flaw is lacking from newer operating systems. It is important that the prime numbers are still in the memory. Guinet says that: As you can use the tool for more ransomware infections, it will prove to be very useful for providing tech support. RELATED STORIES TO CHECK OUT:
WannaCry’s creators threaten to release more malware to Windows 10 Adylkuzz, another large scale Windows cyberattack, is reportedly on its way How to stay safe online after the WannaCrypt attacks
Name *
Email *
Commenting as . Not you?
Save information for future comments
Comment
Δ