The End of TeslaCrypt - Master Decryption Key Released

The End of TeslaCrypt – Master Decryption Key Available

teslacrypt-ransomware-master-decryption-keyTeslaCrypt ransomware has turned many users into victims. However, this ransomware story may be coming to its foreseeable end. According to an ESET researcher, the vicious file-encryption operation is now shut down. A free decryption key is available to anyone who wants to unlock their files.

TeslaCrypt Operators Make Master Decryption Key Public

The researcher says he made contact with the virus operators via the support channel on their website hosted on the Dark Web. The threat actors said they were shutting down TeslaCrypt. They even agreed to offer a master decryption key for victims.

The decryption key has been posted on the Dark Web page which was available for victims’ payments. The following message is attached to it:

Project closed. Master key for decrypt [KEY] Wait for other people make universal decrypt software. We are sorry!

Luckily, the master decryption key is suitable with TeslaCrypt version 3 and 4. Those versions are known to append a secondary file extension to encrypted files – .xxx, .ttt, .micro, .mp3.

For more information, visit our security forums

More about ESET TeslaCrypt Decrypter

Even though the master decryption key has been made public, ESET has already created a TeslaCrypt Decrypter.

Furthermore, BloodyDolly’s TeslaDecoder has also been upgraded to work with the decryption master key. According to multiple security researchers, TeslaCrypt’s infections have started to fade away. The intensity of spam campaigns spreading the virus has declined, too.

One logical question to be asked here is what led to the diminishment of the threat. It’s simple – the ransomware operators switched to developing another ransomware. CryptXXX.

From TeslaCrypt to CryptXXX

According to BC’s Lawrence Abrams, the cybercriminal group has shifted to CryptXXX. As to why – CryptXXX may have appeared to be the more profitable ransomware strain to “nurture”. However, it’s already been cracked by Kaspersky not once but twice (CryptXXX 1.0 and CryptXXX 2.0).

Here’s how to remove CryptXXX

In addition, white hats have been continuously working towards the breakdown of multiple ransomware families, such as Locky, which was recently “hacked” to distribute antivirus files instead of ransomware.

If the end is near for TeslaCrypt, CryptXXX, and Locky, what could be next?

Milena Dimitrova

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the beginning. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share