According to Tom'sHardware, when attacked by ransomware, victims usually have two options: pay the ransom to get their data back or accept losing everything. However, a new method allows decryption of data without giving in to hackers - just invest in enough graphics cards (GPUs). Blogger Tinyhack discovered a way to brute-force the encryption key (try all the possibilities of the code/key) of the ransomware called Akira - one of the most popular malware in the world using GPUs, but this process consumes a lot of hardware resources. If using an RTX 4090 card, the decryption process can take up to 7 days. Meanwhile, if using 16 GPUs running in parallel, the time can be reduced to about 10 hours.

PHOTO: WCCFTECH SCREENSHOT

Akira uses the ChaCha8 and KCipher2 encryption algorithms, which generate keys based on four timestamps that are accurate to the nanosecond. Since the system can only generate keys within a narrow range (about 5 million nanoseconds, or 0.005 seconds), the GPU can run a brute-force test to try all possibilities within this range and find the correct key.

However, this method is not always effective. To crack successfully, the encrypted data must be kept intact, because if the file is modified after infection, important timestamps can be lost. Additionally, if the data is stored on a network storage system (NFS) instead of a local hard drive, server latency can make it more difficult to determine the exact time.

Given the sheer processing demands, compromised organizations may need to rent GPU servers from services like Runpod or Vast.ai to speed up decryption. It took one Tinyhack customer about three weeks to decrypt all of the infected data using this method.

Finding a way to decrypt ransomware without paying the ransom is a major step forward in cybersecurity. However, this method is still very expensive, requiring a powerful GPU system, or is time-consuming. Meanwhile, the ransomware operators will likely find a way to patch the vulnerability soon, making decryption impossible.

No matter how powerful the tools, the most effective security element still lies with people. Being educated on cybersecurity, backing up your data regularly, and taking preventative measures are the best ways to avoid being forced to choose between paying a ransom or spending tens of thousands of dollars on hardware to decrypt your data.