WanaKiwi Decryptor for WannaCry Ransomware Works on Multiple Windows Versions

Elizabeth Williams
June 6, 2017

Computers running on Windows 7 accounted for the largest proportion of machines infected with the WannaCry ransomware, according to recent statistics by security firms.

Most people Don't update their PCs - According to surveys done by NetMarketShare, almost half of the PCs now being used around the world, are powered by Windows 7.

Anyway, it is the responsibility of the user to have an original operating system license and to verify that Windows is updated regularly with the latest security patches, otherwise, for as much Windows 10 as we have, most likely scenario is that we end up being another victim to a large-scale computer attack just like the one suffered a little more than a week ago.

For computers within corporate networks, once an attack is spotted, disconnection of the invaded computer from the Internet and internal networks needs to be done immediately. German rail firm Deutsche Bahn, Spanish telecom firm Telefonica, logistics firm FedEx, French automaker Renault, 61 NHS organizations, and the interior ministry of Russian Federation were all caught by the WannaCry ransomware.

The "Wanakiwi", as the team calls the new tool, works only on computers that have not been restarted since showing the ransom image, and only for files that have not been locked permanently by WannaCry after a week.

Security experts also found that the worm spread largely by seeking out vulnerable machines on the net by itself. There have been no reports that anyone who paid has had their data restored by those behind the attack.

WannaCry first hit headlines on May 12, 2017, when it took down the UK's National Health Service (NHS).

The patch blocked the vulnerability exploited by WannaCry.

Earlier this year, Microsoft announced that it will continue to support Windows 7 until 2020, however, Markus Nitschke, Head of Windows at Microsoft Germany previously warned users, particularly business owners, of the dangers of using the operating system.

Windows 7 remains hugely popular with users and is still used on around 45 percent of all machines Microsoft's operating system.

But infections of XP by WannaCry were "insignificant" said Costin Raiu from Kaspersky Lab. Windows 10 held 0.03% of the total number of infections, which shows that there were a few computers affected, but not enough to be considered a relevant sample.

Other reports by VgToday

Discuss This Article