The Tesla victims can have their data back for free!
Such a move certainly is surprising and leaves doubts about the malicious actors intentions.The developers of the famous TeslaCrypt have closed down their ransomware and have released the original decryption key online. No, that is not a joke, but the real truth. Such an end to the TeslaCrypt is quite surprising for everyone. However, this move towards shutting the malicious script down has been observed by the security researchers over the past few weeks. Experts have noticed that the creators of TeslaCrypt have been slowly closing their activity down. Their previous distributors, on the other hand, have been moving to the distribution of CryptXXX ransomware.
To the surprise of everyone, the hackers have released the master TeslaCrypt decryption key and even posted it on their payment website, that is now officially out of function. On the payment page now there is a message stating “Project closed”, followed by the universal decryption key. The cybercriminals even said “sorry” at the end of the message.
We can’t possibly imagine this has ever happened before. With an apology, too.
After the release of the decryption key was made publically available, the security experts of TeslaCrypt were able to update the TeslaDecoder versions up to version 3.0 and 4.0. Now, everyone whose files have been encrypted with TeslasCrypt can decrypt his files for free! This works for the encrypted files with endings like .xxx, .ttt, .micro, .mp3, or other encrypted files without an extension.
The only Tesla version that still cannot be easily decrypted remains the .ccc version. Now, there will be about one million happy victims of the TeslaCrypt, that would finally restore their data back. In this case, they could even consider themselves “lucky” to be hit by Tesla, rather than some other Ransomware, where many of these are not decryptable in anyways.
Now, what is the catch?
As fantastic as these news seems, it is hard to believe the malicious actors could be this ethical. Could there be a catch? The reactions of the users online are skeptical and they have right to be dubious. We can’t possibly imagine this has ever happened before. With an apology, too. It just sounds too good to be true. After all, could the bad guys be sorry and give away the master key just like that? Or, maybe they are cooking up something worse and releasing the decryption just to lock the victims with another malicious script again? Having in mind that all the victims’ computers have been compromised first by another malware that introduced Tesla inside the system, this scenario could be quite realistic.
After all, there is a golden piece of advice we would like to repeat once again. Make sure you keep healthy and valid backups of everything you do not want to loose. Always. Be it as a preventive measure against ransomware or even a hard disk crash. It is always good to have a backup in hand.
To all that really paid a ransom of TeslaCrypt to get the key, well, it’s a sad experience. For everyone that was hesitant whether to pay or not, then this is a very happy ending. That’s why we always advise victims of ransomware not to easily take money out of their pockets for such form of blackmailing. Now, everyone who got lucky can have all his data recovered. Do celebrate this properly with making a good backup of all your recovered files.