时间:2025-07-19 06:42:24 来源:网络整理编辑:焦點
The ransomware WannaCry has infected hundreds of thousands of computer systems around the globe, but
The ransomware WannaCry has infected hundreds of thousands of computer systems around the globe, but a security researcher claims he's figured out how to beat it.
In some cases, that is.
Adrien Guinet says that he was able to decrypt a ransomwared computer running Windows XP in his lab by discovering the prime numbers that make up the WannaCry private key. The private key is what a ransomware victim would need to buy off his attackers in order to regain access to his own files, but Guinet says he was able to do this without paying any Bitcoin ransom.
SEE ALSO:It won't be easy for WannaCry hackers to get their cashImportantly, Guinet acknowledges this technique has only been demonstrated to work on a computer running Windows XP. Why does that matter? Despite initial reports, those systems were not affected by the major May 12 outbreak as the worm that spread the ransomware didn't hit those systems.
However, WannaCry itself doeswork on XP — suggesting that if the ransomware manages to spread to XP this new technique could be used to help future victims.
Tweet may have been deleted
There are some other provisos as well.
"In order to work, your computer must not have been rebooted after being infected," Guinet wrote on Github. "Please also note that you need some luck for this to work," he added, "and so it might not work in every cases!"
Why luck? As Guinet explains, when WannaCry infects a computer it generates encryption keys that rely on prime numbers. Here comes the important part: The ransomware "does not erase the prime numbers from memory before freeing the associated memory."
"If you are lucky (that is the associated memory hasn't been reallocated and erased)," continues Guinet, "these prime numbers might still be in memory."
If you can recover those prime numbers, as Guinet says he did, you can decrypt your files.
Guinet released the software he used to decrypt the infected system to the public. He calls it "Wannakey."
As mentioned above, Wannakey has not been tested on a large scale and so it may not be a silver bullet. It does, however, suggest that data considered lost in future ransomware attacks may actually be recoverable. And that is some much needed good news.
TopicsCybersecurityWindows
Ivanka Trump's unpaid interns share cringeworthy financial advice2025-07-19 06:39
曼市德比首發:C羅搭檔格林伍德 福登熱蘇斯出戰2025-07-19 06:29
西媒 :梅西加盟巴黎時提出條件 一切以國家隊為重2025-07-19 06:27
貴州隊集體討薪:欠薪或超一億 有球員今年拿到不足5千元2025-07-19 06:00
What brands need to know about virtual reality2025-07-19 05:58
泰山連續4年殺入足協杯決賽 2將狀態火爆費萊尼及時回歸2025-07-19 05:57
萊科:奧斯卡不應染紅 頂級球員停賽對中國足球不是好事2025-07-19 05:27
新帥指定代言人!孫興慜已為三任主教練攻入首球2025-07-19 05:24
Over 82,000 evacuate as Blue Cut fire rapidly spreads in southern California2025-07-19 04:27
主宰比賽!曼城妖衛造烏龍+助攻 名宿 :4億都不賣2025-07-19 04:16
Fake news reports from the Newseum are infinitely better than actual news2025-07-19 06:28
巴薩首發:德佩法蒂先發 德容布斯克茨出戰2025-07-19 05:58
B費力挺索帥:人們太容易怪罪主教練 他幹得很好2025-07-19 05:16
火力恐怖!拜仁2021年聯賽進球破百 距德甲紀錄僅1球2025-07-19 05:02
This German startup wants to be your bank (without being a bank)2025-07-19 04:49
記者:河南隊未收到劉家輝禁賽通知 首發也經過審核2025-07-19 04:35
尤文前瞻:斑馬軍望結束兩連敗 或迎曆史最差開局2025-07-19 04:24
魯媒:山東隊已反饋河南隊違規事宜 按規則應判02025-07-19 04:10
Fyvush Finkel, Emmy winner for 'Picket Fences,' dies at 932025-07-19 04:01
傳奇歸來!名記:舍甫琴科將返意擔任熱那亞主帥2025-07-19 04:00