Security Researchers Release Free Data Recovery Tools for Ransomware Attack Victims

Encryption cyber security placeholder
Shutterstock

Victims of last weekend’s massive worldwide ransomware attack are getting some late relief: Security researchers have published two tools capable of unlocking the data held ransom on at least some of the affected Windows PCs. However, for many, these tools may come too late.

A week ago, hackers were able to infect more than 200,000 computers across the globe, and encrypt data stored on the affected machines. The ransomware, dubbed WannaCry, would then ask users to send hackers money with the crypto-currency Bitcoin in order to get access to their data again.

Related

The National Security Agency (NSA) campus in Fort Meade, Md. The Senate, blocked an expansion of the government's power to investigate suspected terrorists, a victory for civil libertarians and privacy advocates emboldened after a National Security Agency contractor's revelations forced changes to surveillance of AmericansCongress Warrantless Surveillance, Fort Meade, USA

Microsoft Blames Spy Agencies for Ransomware Disaster

WannaCry primarily targeted older versions of Microsoft’s Windows operating system, and led to outages at U.K. health care facilities, public transit providers across Europe and even the Russian Interior Ministry.

Now, art least some of the affected users may be getting some help. The newly-released tools, dubbed WannaKey and WannaKiwi, make use of another security flaw in older versions of Windows to recover the prime numbers used to encrypt the data from an affected computer’s memory. If those numbers are found, the software can recreate the encryption key — essentially the secret pass phrase — and decrypt the data.

However, the two tools only work if the infected computers haven’t been turned off, or rebooted. Running a lot of other apps that take up memory could also have erased the prime numbers. All of this means that only a few users are going to benefit from the relief — but the technology behind it could likely be used to help other ransomware victims in the future.

Filed Under:

Want to read more articles like this one? SUBSCRIBE TO VARIETY TODAY.
Post A Comment 0

Leave a Reply

No Comments

Comments are moderated. They may be edited for clarity and reprinting in whole or in part in Variety publications.

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

More Digital News from Variety

Loading