Recently an odd turn of events occurred in the ransomware industry. The developers of TeslaCrypt shut down, seemingly on their own. The surprising thing was that they also released a master decryption key to unlock all variants of TeslaCrypt. They even issued an apology.
In the past, it seems that malware and ransomware developers would continue to cash in until they were taken down by some form of power. For example, CryptoWall continued to function until its central command and control structure was broken down to nothing.
Could this mean that TeslaCrypt developers finally decided the amount of wealth they raked in was enough? Did they begin to feel remorse for their actions? Or could they have just been slowly closing their doors due to a larger power's influence?
It is all speculation at this point. Some believe it is because the TeslaCrypt distributers have switched to distributing a newer more powerful ransomware, CryptXXX. Unfortunately, we will probably never know why they decided to close up shop.
Luckily for TeslaCrypt Ransomware victims, a dedicated member of Bleeping Computer, BloodDolly, had already created a decoder that decrypts older variants. Upon receiving the master decryption key, BloodDolly updated the TeslaDecoder software to decrypt all variants of TeslaCrypt.
The TeslaDecoder by BloodDolly can be obtained via the following link:
http://download.bleepingcomputer.com/BloodDolly/TeslaDecoder.zip
You will need to enter the master decryption key when variant 3.0 or 4.0 is selected. BloodDolly will likely update the decoder to automatically include the key. Until then, insert the following key:
440A241DD80FCC5664E861989DB716E08CE627D8D40C7EA360AE855C727A49EE
A support forum on TeslaDecoder can be found here:
Although the TeslaCrypt threat is likely ending, a plethora of other ransomware still exist. Newer forms continue to be developed in an unending stream. That’s why WatchPoint created CryptoStopper.io, to stop ransomware from encrypting your data.
Learn more and download a fully functional 14-day test drive. The trial allows you to simulate a Ransomware attack on your network and see the isolation process in action.
Want some one-on-one time with a WatchPoint expert? Schedule a time to talk.
Other Articles For Your Enjoyment: