French researchers find way to unlock WannaCry without ransom

Seems like there is a tiny bit of hope for some of those affected by the WannaCry ransomware, figured it would be best to make a thread and get this info out there ASAP, in the hope that some can benefit...

Reuters

WannaCry, which started to sweep round the globe last Friday and has infected more than 300,000 computers in 150 nations, threatens to lock out victims who have not paid a sum of $300 to $600 within one week of infection.

A loose-knit team of security researchers scattered across the globe said they had collaborated to develop a workaround to unlock the encryption key for files hit in the global attack, which several independent security researchers have confirmed.

But the researchers said their solution would only work in certain conditions, namely if computers had not been rebooted since becoming infected and if victims applied the fix before WannaCry carried out its threat to lock their files permanently.

The group includes Adrien Guinet, who works as a security expert, Matthieu Suiche, who is an internationally known hacker, and Benjamin Delpy, who helped out by night, in his spare time, outside his day job at the Banque de France.

"We knew we must go fast because, as time passes, there is less chance to recover," Delpy said after a second sleepless night of work this week allowed him to release a workable way to decrypt WannaCry at 6 am Paris time (12 a.m. ET) on Friday.

a reply to: JacKatMtn

I heard a lot of the ransoms were only for like $300 worth of Bitcoin at a time. It'd be nice if they released the software for free!

My solution... boot live linux, copy your personal files. Reinstall.

cost? $0

if it's that bad paying ?? even an IT guru? bin and boot I don't see the point in paying a single cent. then I don't know anything about this scareware...

originally posted by: badw0lf
My solution... boot live linux, copy your personal files. Reinstall.

cost? $0

if it's that bad paying ?? even an IT guru? bin and boot I don't see the point in paying a single cent. then I don't know anything about this scareware...

You could boot the PC in live linux but you still won't be able to use your files because they are encrypted. This is a cryptolocker virus. First it encrypts all of your files, then it demands ransom for the key to decrypt everything. Linux isn't going to help you decrypt your files.

The only way to solve this without paying the ransom is to have 2 things:

1. Existing backups of your files in a safe location. You need to backup regularly.
2. A Windows installation disc and valid product key. (or whatever OS you use)

The problem is people rarely ever have either 1 or 2. I don't know anyone personally who bothers backing up their data, and very few people who have an installation disc for their OS or know where their product key is. This is why cryptolocker malware is so devastating. It preys upon the bad habits and ignorance of the masses of computer illiterate.