Frenchman claims cure for WannaCry-infected computers
The developers released the tool on Friday, as the deadline expires for computers all over the world first infected a week ago.
The researchers warned that their solution would only work in certain conditions, namely if computers had not been rebooted since becoming infected and if victims applied the fix before WannaCry carried out its threat to lock their files permanently.
It is still not likely the technique will help many people, particularly because it works only if their machines have not been rebooted. In addition, companies needing to restore their operations right away likely would have turned to backups, if available, by now. As of Friday, the three accounts known to collect ransom payments had received less than $100,000 worth of the cybercurrency bitcoin, an amount that security researchers say is small compared with how widely WannaCry spread. On Thursday, French computer-security researcher Adrien Guinet found a way to unscramble the files without paying the $300 ransom.
In his research summary, Guinet said the software has only been tested to work under Windows XP and “it might not work in every case”.
The central bank said in a statement it had sent recommendations to Russian banks on updating their Windows software in April before the Wannacry attack, which it said it had recorded on May 12.
Chris Wysopal, chief technology officer with the software security company Veracode, says after ransomware attacks, researchers will often infect one of their own machines on objective to see if the key is somehow left in the memory.
WannaCry primarily targeted older versions of Microsoft’s Windows operating system, and led to outages at United Kingdom health care facilities, public transit providers across Europe and even the Russian Interior Ministry.