Security researchers at ESET had been tracking the number of infections at the hands of TeslaCrypt, which is a piece of ransomware that encrypts the users’ files and holds them up for a bitcoin ransom. But the researchers noticed a considerable dip in TeslaCrypt cases, with other forms of ransomware becoming more prevalent like CryptXXX.
According to a report from BleepingComputer, the makers of TeslaCrypt operated a support chat service, a peculiar service that a number of cybercriminals have actually been using. The researcher contacted TeslaCrypt’s authors through this feature and much to his surprise, they happily handed over the decryption key for free.
The decryption details have now been posted on the webpage that previously hosted the payment details for victims with the message, “we are sorry!”
Using the details that they retrieved from the decryption key, ESET has now released a decryption tool for TeslaCrypt victims to guide them through the decryption process and get their data back.
ESET is keen to point out that decryption software like this isn’t a silver bullet to ransomware.
“We must stress that ransomware remains one of the most dangerous computer threats at this moment, and prevention is essential to keep users safe,” said ESET in its announcement. “Therefore, they should keep operating systems and software updated, use reliable security solutions with multiple layers of protection, and regularly back up all important and valuable data at an offline location (such as external storage).”
Users are also advised to stay wary of suspicious looking links in their browsers or emails from unknown sources, which may be vehicles used to distribute the ransomware.
Cases of ransomware have become more and more notorious in recent months with a number of high profile cases and several new variants of the viruses making the rounds, so users should stay vigilant.
- New Android ransomware is spreading through text messages
- The best password managers for 2019
- Facebook lawsuit may increase accountability for spyware makers
- NordVPN confirms an attacker breached a rented Finland server
- Microsoft’s Secured Core PCs could be the most hacker-resistant laptops ever