The TeslaCrypt ransomware has been a popular choice for cybercriminals since it was launched in early 2015. But in a surprising turn of events, the people behind the ransomware has unveiled the master decryption key for TeslaCrypt. Security vendor ESET has used that key to develop a decryptor tool for TeslaCrypt and has made it free to the public. Here are the details.
Ransomware image from Shutterstock
In March, we reported on the newer variant of TeslaCrypt that was said to be unbreakable. But after one of ESET's analyst anonymously contacted the group that operates TeslaCrypt to request the universal master decryption key, they decided to release it to the public.
Based on the message that was posted on the TeslaCrypt support site by the group responsible for it, this type of ransomware is being phased out. There are newer and more effective forms of ransomware that cybercriminals have access to these days so this doesn't mean the whole ransomware threat is going away any time soon.
Also, make no mistake: TeslaCrypt is still a ransomware to be feared. While the ESET tool works on all variants of TeslaCrypt, it can only unlock files that have the extensions .xxx, .ttt, .micro, .mp3 or ones that have remained unchanged.
According to ESET:
"It is important to note that ransomware remains one of the most prevalent forms of internet threats and prevention is essential to keep users safe. Therefore, users should keep their operating system and software updated, use a reliable security solution with multiple layers of protection, and regularly backup all important and valuable data at an offline location (such as external storage)."
In April, Kaspersky Lab released a tool to decrypt .Crypt ransomware files.
You can find the ESET TeslaCrypt decryptor and instructions on how to use it on ESET's support page.