Wannacry cyber attack compromised Russian banks in isolated cases

French security researcher Adrien Guinet has figured out a way to decrypt files locked by the infamous WannaCry ransomware.

In his research summary, Guinet - who works for the Paris-based firm Quarkslab - said his software had only been tested to work under Windows XP.

"(The method) should work with any operating system from XP to Win7", Suiche told Reuters, via direct message on Twitter.

Sunday's salvo tacitly noted the NSA's key role in Friday's attack, which copied almost verbatim large sections of two highly advanced hacking tools that were stolen from the NSA and leaked to the world at large last month by a mysterious group calling itself Shadow Brokers.

A loose-knit team of security researchers scattered across the globe said they had collaborated to develop a workaround to unlock the encryption key for files hit in the global attack, which several independent security researchers have confirmed.

While WannaCry is still evolving, people so far have been largely unaware about its reach, except for knowing that it targets almost all Windows versions released before Windows 10.

After it creates this key the interface erases the key on most versions of Windows.

Seeking to head off further criticism in the wake of the WannaCry outbreak, the US software giant last weekend released a free patch for Windows XP and other older Windows versions that it previously only offered to pay customers.

Reuters also reports that half of all internet addresses corrupted globally by WannaCry are located in China and Russian Federation, with 30 and 20 percent respectively.

By contrast, the United States accounts for 7 percent of WannaCry infections while Britain, France and Germany each represent just 2 percent of worldwide attacks, Kryptos said. "In order to work, your computer must not have been rebooted after being infected". It appears the attackers have found people willing to pay. Most companies needing to restore their operations right away would have turned to back-ups, if available, by now. This is why many users even after paying the ransom have not been able to get their data back.

In the post, which will worry security agencies and companies around the world, the Shadow Brokers said: "In June, TheShadowBrokers is announcing "TheShadowBrokers Data Dump of the Month" service". Free support for XP was ended in April 2014; the release of a non-paid patch shows how seriously WannaCry was being treated by the company.

Latest News