How to recover data encrypted by WannaCry malicious code
The attack from the WannaCry malware, although it has subsided lately, has been extremely serious for organizations and agencies that have been attacked by computer systems. WannaCry has the ability to 'bypass' all security security firewalls. All data contained in the computer will be completely erased. And to be able to retrieve those important data, we are forced to pay a virtual money.
In this situation, there are many measures to prevent attacks, spread and strengthen the security system to prevent the vulnerabilities that WannaCry uses to invade computers. So what if the computer was attacked by WannaCry and lost most of the data? If the reader is experiencing this situation, you can use the WannaKiwi tool.
The WannaKiwi tool comes from a security researcher at Quarkslab, capable of helping users recover data after being attacked and wiped out by WannaCry.
Note to users , WannaKiwi can run on both Windows XP, Windows 7, Windows Vista, Windows Server 2003, 2008. But the tool can only 'save' data when the computer has not restarted since infection.
Step 1:
First of all, we click on the link below to download the WannaKiwi tool to your computer.
- Download the WannaKiwi tool
Step 2:
After downloading, we proceed to extract the file.
Then, access the folder and extract and run the .exe file to start the Wannakiwi program.
Step 3:
Soon, the tool will scan the entire system to find the 00000000.pky encryption string, and then perform data recovery for the user.
When the WannaCry malware attacks and infects the computer, the wcry.exe process will be created and the process will generate a private RSA key. But WannaCry did not delete the sequence of prime numbers from RAM. So if the computer is infected and has not restarted, these important serial numbers remain intact and are used to decrypt the data that WannaCry has encrypted.
Video restores data infected with WannaCry with Wanakiwi
Thus, taking advantage of the loophole of WannaCry malicious code that Wannakiwi tool has helped users can retrieve all data that was encrypted by this malicious code, deleted from the computer system. However, the computer since infection has not restarted any time Wannakiwi will work. If the computer is turned off and turned on again, it is impossible to use the Wannakiwi tool anymore.
I wish you all success!
You should read it
- All about WannaCry, Ransomware has been confusing for the past few days
- A hacker in the United Kingdom found a way to temporarily encrypt the WannaCry malware
- Warning with 4 dangerous variants of WannaCry malware
- How to remove / fix ransomware WannaCry
- Download the free WannaCry malware checker now
- How to identify WannaCry malicious code from Vietnam Computer Emergency Response Center (VNCERT)
- 2 effective and free ways to check WannaCry
- WannaCry remains one of the most dangerous global security threats
- WannaCry is not dead yet, it just attacked Honda and Australia's traffic camera system
- Network security researcher claims to find a way to decode WannaCry
- How to use Kaspersky Anti-Ransomware Tool for Business
- The more dangerous WannaCry version 2.0 has appeared
Maybe you are interested
How to set up a secure guest account on a Windows computer
15 best free photo editing software on computer
How to download Google Photos to your computer, export Google Photos library
Quantum computers also have to 'admit defeat' to the game Doom
Instructions for installing and registering a Steam account on your computer
How to download TikTok videos without watermark on computer using x2convert