Email
Password
Remember meForgot password?
    Log in with Twitter

article image'Uncrackable' ransomware no more as creator hands over key

By James Walker     May 19, 2016 in Technology
The creators of TeslaCrypt, one of the most successful ransomware campaigns to date, have released the encryption key used to lock victims' files, effectively shutting the malware down. There is now a free program available to decrypt affected data.
The news is a surprising twist in the story of TeslaCrypt. Initially, the ransomware targeted players of popular PC games including Minecraft and World of Warcraft, and encrypted the save game files. Later versions of the program took a much broader approach, encrypting all a victim's user data. It then demanded $500 in Bitcoin to recover the data.
After escaping security experts, TeslaCrypt has now come to a sudden end. The master encryption key, used to lock users' files, has been made publicly available online, allowing researchers to build a program capable of decrypting affected data.
The developer of the ransomware appears to have been slowly suspending operations over the past few weeks. As things began to draw to a close, the websites that previously distributed the malware began to offer the alternative CryptXXX program instead.
As Bleeping Computer reports, the strange activity was noticed by a researcher at security firm ESET. The researcher realised what was happening as TeslaCrypt began to die out, concluding he had a chance to put an end to the malware for good.
Posing as a victim of TeslaCrypt, the researcher used the live chat support on the ransomware's payment site to contact the developers. He asked whether they could release the master decryption key to help him get his data back. To the surprise of everyone involved, the creators obliged.
Today, the official website of TeslaCrypt is no more. Its location on the dark web is now occupied by a simple webpage titled "Project closed." The page contains the master encryption key and a message that appears to be intended for TeslaCrypt victims: "Wait for other people make universal decrypt software. We are sorry!"
A third-party developer quickly stepped up and released such a universal decrypt software. BloodDolly has monitored every version of TeslaCrypt and previously created a program capable of unlocking files encrypted by older versions. TeslaDecoder has now been updated with the master key and is able to decrypt any data affected by TeslaCrypt. A version of the program is available for download from ESET's website.
It remains unknown why the creators of TeslaCrypt have decided to close the project down. It is unusual for a ransomware to disappear altogether and unheard of for the developers to release the master key, letting every affected victim retrieve their files for free.
Monitoring malware and the actions of cybercriminals is a complex task as threats evolve every day. In the case of TeslaCrypt, the developers appear to have had a change of heart though, perhaps as a consequence of the Bitcoins they've accumulated from the ransomware.
More about teslacrypt, Ransomware, Malware, Security, Encryption
 
Latest News
Top News