It has been one week since the WannaCry ransomware made its way into computers around the globe, but now that the dust has settled, researchers have had time to examine the true impacts.
Developed by a security expert Adrien Guinet, an internationally-known hacker Matthieu Suiche and a part-time coder and full-time bank employee Benjamin Delpy, the free tool named "wannakiwi" has been tested by European Cybercrime Centre and has been "found to recover data in some circumstances".
Wannacry spread across the internet last week, infecting systems across the world and embarrassing nations that don't upgrade their OSs.
The researchers said, however, the tools are not ideal and only work if the infected computers have not been rebooted after being hit by the program. The catch? It only works on computers running Windows XP through Windows 7 who haven't rebooted their computers since the infection (via CNET).
Guinet, a security researcher at Paris-based Quarks Lab, published the theoretical technique for decrypting WannaCry files late Wednesday and Thursday, which Delpy, also in Paris, figured out how to turn into a practical tool to salvage files.
"This is not a ideal solution", Suiche said.
His blog post links to a Delpy's "wanakiwi" decryption tool which is based on Guinet's original concept. Incidentally, most of the infections occurred in China and Russian Federation, with the United States reportedly only seeing about 7% of worldwide infections. "But this is so far the only workable solution to help enterprises to recover their files if they have been infected and have no back-ups". "Paying a ransom does not guarantee the victim will regain access to their data".