Join us at TNW Conference 2022 for insights into the future of tech →

The heart of tech

This article was published on May 20, 2017

    Security researcher found a WannaCry fix for some infected computers

    Security researcher found a WannaCry fix for some infected computers
    Rachel Kaser
    Story by

    Rachel Kaser

    Internet Culture Writer

    Rachel is a writer and former game critic from Central Texas. She enjoys gaming, writing mystery stories, streaming on Twitch, and horseback Rachel is a writer and former game critic from Central Texas. She enjoys gaming, writing mystery stories, streaming on Twitch, and horseback riding. Check her Twitter for curmudgeonly criticisms.

    If you were one of the thousands of people effected by the WannaCry ransomware attack that started last week, then there’s a fix for you — provided you haven’t rebooted your computer.

    The fix was created by security researcher Benjamin Delpy, a.k.a. “gentilkiwi,” and is called “wanakiwi.” It’s based on an older fix called “WannaKey” created by Adrien Guinet, and works on Windows version XP to 7.

    Here’s how it works: It searches the computer’s memory for prime numbers that are the basis of the encryption, which would be wiped if you’d restarted your computer. It then uses those to generate unlock keys for the encrypted files. It’s relatively simple to understand, and free on Github.

    Europol’s Cyber Crime Centre tested it, and found it to be at least somewhat successful:

    It’s not going to help everyone — we wouldn’t blame you if one of the first things you did to try and fix your computer was restart it. But hopefully it’ll help some people who can’t (or don’t want to) pay the $300 Bitcoin ransom the attackers are currently demanding.