When TeslaCrypt ransomware was first released, it started infecting users with a “bang”. The virus had multiple variants which suggested that it may have been used by more than one hacking teams. Fortunately, a decryptor has been released for free for TeslaCrypt ransomware, which is why we have decided to create instructions and hence simplifies the user into decrypting files encoded by the TeslaCrypt ransomware. Due to its many variants, the decryptor, kindly created by the malware researcher BloodDolly works with the master key released into the public and affected users can now decrypt their files. The decryptor is called TeslaDecoder and in this article, we will show you how to effectively decrypt TeslaCrypt files.
TeslaCrypt Ransomware – A Bit of Background
TeslaCrypt’s latest 3.0 and 4.0 versions have made a lot of money to their creators by encrypting files with a very strong encryption algorithm. Researchers believe that the current algorithm used by the latest version of TeslaCrypt is a very strong RSA cipher. Unlike the 3rd version, the 4th version of TeslaCrypt force-restarts the computer of the user to begin encrypting a wide variety of often used file types.
However the good news is that the following master decryption key was released for the many variants (.xxx, .ttt, .jpg, .mp3, .exx, .ezz, .ecc, .micro) of TeslaCrypt ransomware:
This pushed researchers into creating a working decryptor, named TeslaDecoder. Below we will show you how to decode your files using it.
Decrypting Files Encrypted by TeslaCrypt Ransomware
We have decided to separate this decryption process in two stages – preparation and decryption, to make the process effective and efficient. Here are the instructions:
Just in case this process takes some time for your computer, to complete and you happen to be busy with other activities while decryption commences, we have left instructions on how to disable automatic hibernation and shutdown on your computer:
Step 1: Click on the battery icon in your system tray (next to the digital clock) in Windows and then click on More Power Options.
Step 2: The Power Options menu will appear. In your power plan click on Change Plan Settings.
Step 3: In your plan’s settings make sure you set “Turn off the display” and “Put computer to sleep” to “Never” from the drop down minutes menu.
Step 4: Click on “Change Advanced Plan Settings” and click to expand the “Hard Disk” option in the list there.
Step 5: From there, set the power settings (On Battery and Powered On) to “Never”.
To decode files, you should first download the TeslaDecoder tool, by clicking on the button below:
After downloading the software, you should see it as a .ZIP file. It is an archive file. You should download WinRar software or use the built-in zip reader of Windows to open it and extract the “TeslaDecoder” somewhere you can easily open it:
As soon as you have extracted the folder, open it. In it locate and open TeslaDecoder.exe file:
After you have opened it, you should see the below posted screen. From there, click on the “Set Key” button:
After you do this, a sub-menu will appear with a drop-down list of the variants of TeslaCrypt. Choose your variant after which click on the “Set Key” button and this sub-menu shall close:
From there you have several options:
- Decrypt Folder – specify a folder to decode.
- Decrypt All – decrypt all files of this variant. (overwrites the encrypted files – backup is recommended)
- Decrypt List – decrypt files from a pre-set file list.
In case you did not choose to overwrite your files, the decoder will save them in a backup copy under the .TeslaDecoder extension.
Since the risk of you having TeslaCrypt still on your computer, we recommend you decrypt the files from a safe computer, or secure your computer for the moment and the future as well. This is the reason we have created several steps to help you secure your computer and at the same time stay protected from ransomware in the future as well:
Step 1: Make sure to read our general protection tips and try to make them your habit and educated others to do so as well.
Step 2: Install an advanced anti-malware program that has an often updated real-time shield definitions and ransomware protection.
Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter
Unfortunately for many users, these methods somehow may not work with TeslaCrypt’s .vvv variant.