Computers around the world started to fall prey to a ransomware attack called WannaCry last week, before the spread of the malware was at least temporarily halted. The malware makes use of a security vulnerability in older versions of Windows that was first discovered by the US National Security Agency and later released by a group called Shadow Brokers.

While Microsoft has released security updates that should help protect your computer, what do you do if your PC contracts the WannaCry virus before you can update?

For a while it looked like you had two choices: pay a ransom to unlock your data or give up. But now there’s a third option: security researchers have found a way to decrypt data on infected PCs without paying the ransom. But it won’t necessarily work for everyone.

The main thing you need to know? Act quickly and don’t reboot your PC if it becomes infected with WannaCry.

Two tools have been released so far that may be able to decrypt your data. But they both do this by searching for a prime number written to your computer’s memory in order to calculate the key needed to unlock your data.

If you reboot your PC, the prime number will be erased from memory and you’re out of luck. But the number could also be overwritten if you simply wait too long. So the key is to find the latest security tool available and try to run it.

Right now it looks like the best option if you’re running Windows XP through Windows 7 is an open source application called Wanakiwi.

Just download, unzip, and run the application on an infected PC and it will do its best to unlock your data.

Wanakiwi uses the same method for calculating a key that an earlier tool called Wannakey utilizes, but while Wannakey has only been tested on Windows XP, Wanakiwi has been tested on newer versions of Windows.

Wannakey was developed by Adrien Guinet, while Benjamin Delpy developed Wanakiwi.

Want to know more? has the best explanation I’ve seen so far about how the new tools work.

via Wired, FOSSBytes, and Ars Technica

Support Liliputing

Liliputing's primary sources of revenue are advertising and affiliate links (if you click the "Shop" button at the top of the page and buy something on Amazon, for example, we'll get a small commission).

But there are several ways you can support the site directly even if you're using an ad blocker* and hate online shopping.

Contribute to our Patreon campaign


Contribute via PayPal

* If you are using an ad blocker like uBlock Origin and seeing a pop-up message at the bottom of the screen, we have a guide that may help you disable it.

Subscribe to Liliputing via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 9,535 other subscribers