A security researcher from ESET security firm issue a Teslacrypt decryption tool after the author closed the project and released a free master key.
The victims of the dreaded TeslaCrypt Ransomware now have the opportunity to restore their files by using a decryptor developed by experts from the ESET security Firm.
“Today, ESET® released a decryptor for recent variants of the TeslaCrypt ransomware. If you have been infected by one of the new variants (v3 or v4) of the notorious ransomware TeslaCrypt and the encrypted files have the extensions .xxx, .ttt, .micro, .mp3 or remained unchanged, then ESET has good news for you.” announced ESET.
A researcher from the company observed a decline in the number of victims of the TeslaCrypt ransomware, so he decided to the decryption key to the authors.
“In surprising end to TeslaCrypt, the developers shut down their ransomware and released the master decryption key. Over the past few weeks, an analyst for ESET had noticed that the developers of TeslaCrypt have been slowly closing their doors, while their previous distributors have been switching over to distributing the CryptXXX ransomware. ” reported Lawrence Abrams from bleepingcomputer.com that also published a step by step guide to use the Teslacrypt decryption Tool.
“When the ESET researcher realized what was happening, he took a shot in the dark and used the support chat on the Tesla payment site to ask if they would release the master TeslaCrypt decryption key. To his surprise and pleasure, they agreed to do so and posted it on their now defunct payment site.”
Ransomware is one of the most widespread threats. The last iteration of the TeslaCrypt ransomware spotted by experts at Endgame Inc. has been improved by the implementation of new sophisticated evasion techniques and the ability to target new file types.
The malware was used by crooks in numerous malvertising campaigns targeting high-traffic websites. The ransomware represents a serious threat for netizens and organizations. It is important to maintain aligned fresh backups of data in offline sources.
Recently experts at Kaspersky have issued a decryption tool for another ransomware, the Cryptxxx.
If you are one of the TeslaCrypt victims and want to have instruction on the Teslacrypt decryption tool, give a look to the step-by-step guide published by bleepingcomputer.com.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.