How to Unlock WannaCry Ransomware Without Paying a Cent

MakeUseOf

By Ben Stegner

Published May 24, 2017

If you've been hit by WannaCry, all your files are locked away behind a high price. Don't pay those thieves -- try this free tool to unlock your data.

In the past past weeks, we've seen a wild ransomware attack that affected industries all around the world. Dubbed WannaCry, it spread via an exploit through an outdated protocol in Windows. Affected systems spread the malware across networks without the other machines even having to click a link. Thankfully the spread is over, but companies hit by the attack still have a lot of mess to clean up.

If you were infected, you know that you shouldn't pay up. Ransomware authors obviously aren't honest people, so there's no guarantee that they'll provide the decryption key even if you hand over the cash. Fortunately, there's a tool that might be able to unlock computers affected by WannaCry for no cost. It works to retrieve critical numbers left over by the ransomware and use them to figure out the decryption key.

It's not a surefire deal, however. The computer must not have been rebooted since being infected, and if another process erased the memory used by WannaCry, it might be lost. Still, it's worth a try for those infected. This works on Windows XP , Vista, Windows 7, and Server 2003/2008 systems.

Start by downloading the WannaKiwi tool and placing it on a computer that's been infected. The developer states that the default settings should work fine, so just run the utility and let it do its job. If you're lucky, it will retrieve the important numbers and get to work on decrypting your computer. For more information, read the developer's usage guide.

WannaCry is nasty, but if you're running Windows 10 or Windows 7 with automatic updates installed, you were immune to it. This is mainly for business who are running outdated versions of Windows or weren't installing updates regularly. That's why it's important to make sure you install security patches!

To protect against WannaCry variants, you should also disable the outdated SMB v1 protocol on your system.

Do you know anyone affected by WannaCry? Did this tool recover their files successfully? Tell us if you've ever fallen victim to ransomware down in the comments!

Image Credit: Zephyr_p via Shutterstock