【】

发布时间：2025-03-13 17:12:27 作者：玩站小弟

The ransomware WannaCry has infected hundreds of thousands of computer systems around the globe, but 。

The ransomware WannaCry has infected hundreds of thousands of computer systems around the globe, but a security researcher claims he's figured out how to beat it.

In some cases, that is.

Adrien Guinet says that he was able to decrypt a ransomwared computer running Windows XP in his lab by discovering the prime numbers that make up the WannaCry private key. The private key is what a ransomware victim would need to buy off his attackers in order to regain access to his own files, but Guinet says he was able to do this without paying any Bitcoin ransom.

SEE ALSO:It won't be easy for WannaCry hackers to get their cash

Importantly, Guinet acknowledges this technique has only been demonstrated to work on a computer running Windows XP. Why does that matter? Despite initial reports, those systems were not affected by the major May 12 outbreak as the worm that spread the ransomware didn't hit those systems.

However, WannaCry itself doeswork on XP — suggesting that if the ransomware manages to spread to XP this new technique could be used to help future victims.

Mashable Light SpeedWant more out-of-this world tech, space and science stories?Sign up for Mashable's weekly Light Speed newsletter.By signing up you agree to our Terms of Use and Privacy Policy.Thanks for signing up!

Tweet may have been deleted

There are some other provisos as well.

"In order to work, your computer must not have been rebooted after being infected," Guinet wrote on Github. "Please also note that you need some luck for this to work," he added, "and so it might not work in every cases!"

Why luck? As Guinet explains, when WannaCry infects a computer it generates encryption keys that rely on prime numbers. Here comes the important part: The ransomware "does not erase the prime numbers from memory before freeing the associated memory."

"If you are lucky (that is the associated memory hasn't been reallocated and erased)," continues Guinet, "these prime numbers might still be in memory."

If you can recover those prime numbers, as Guinet says he did, you can decrypt your files.

Guinet released the software he used to decrypt the infected system to the public. He calls it "Wannakey."

As mentioned above, Wannakey has not been tested on a large scale and so it may not be a silver bullet. It does, however, suggest that data considered lost in future ransomware attacks may actually be recoverable. And that is some much needed good news.

Featured Video For You

If this alarm clock doesn't get you out of bed nothing will

TopicsCybersecurityWindows

Tag：

We asked linguists if Donald Trump speaks like that on purpose
Donald Trump may do a good "drunk uncle at Thanksgiving" impersonation at his rallies, but amid all
2025-03-13
媒體人：深足內部對領導敢怒不敢言戴偉浚去年4月就想去歐洲
媒體人：深足內部對領導敢怒不敢言戴偉浚去年4月就想去歐洲_小戴_程文莉_自由www.ty42.com 日期:2022-04-28 10:31:00| 評論(已有342733條評論)
2025-03-13
王秋明：車廂偶遇於根偉促成轉會回家踢球很舒服
王秋明：車廂偶遇於根偉促成轉會回家踢球很舒服_於總_過程_結果www.ty42.com 日期:2022-04-28 14:01:00| 評論(已有342763條評論)
2025-03-13
陝西長安競技官方：歡迎吳龑、馮剛等5名球員加盟
陝西長安競技官方：歡迎吳龑、馮剛等5名球員加盟_劉毅_賽季_劉佳燊www.ty42.com 日期:2022-04-28 22:31:00| 評論(已有342801條評論)
2025-03-13
Satisfy your Olympics withdrawals with Nike's latest app
Following in the footsteps of last year's successful launch of Nike's Tech Book is back in its secon
2025-03-13
本澤馬：相比金球獎更想拿西甲歐冠回伯納烏翻盤
本澤馬：相比金球獎更想拿西甲歐冠回伯納烏翻盤_皇馬_比賽_點球www.ty42.com 日期:2022-04-27 20:01:00| 評論(已有342610條評論)
2025-03-13

百科

綜合

休閑

探索

焦點

熱點

娛樂

知識

【】

相关文章

最新评论

文章分类

大家感兴趣的内容

最近更新的内容

友情链接