TeslaCrypt shuts down and Releases Master Decryption KeyIn surprising end to TeslaCrypt, the developers shut down their ransomware and released the master decryption key. Over the past few weeks, an analyst for ESET had noticed that the developers of TeslaCrypt have been slowly closing their doors, while their previous distributors have been switching over to distributing the CryptXXX ransomware.
When the ESET researcher realized what was happening, he took a shot in the dark and used the support chat on the Tesla payment site to ask if they would release the master TeslaCrypt decryption key. To his surprise and pleasure, they agreed to do so and posted it on their now defunct payment site.
Now that the decryption key has been made publicly available, this allowed TeslaCrypt expert BloodDolly to update TeslaDecoder to version 1.0 so that it can decrypt version 3.0 and version 4.0 of TeslaCrypt encrypted files. This means that anyone who has TeslasCrypt encrypted files with the .xxx, .ttt, .micro, .mp3, or encrypted files without an extension can now decrypt their files for free!
Who knew malware creators could have a conscience?
They don't.Who knew malware creators could have a conscience?
They are just trying not to be found.
They will move and start another program like TeslaCrypt and start all over again.
Sure, but they didn't need to give out the decryption key to do that...
They've probably made enough to retire. The first month grossed something like $35K.
Or their program encrypted the system of someone who could find them and 'make sure they never do anything ever again'
They gave up the project because they have decided to focus on the development of a more sophisticated crypt locker "CryptXXX". Here the original wording of the corresponding news read on tomshardware.de (in German): "In den vergangenen Wochen haben die Sicherheitsforscher von ESET bemerkt, dass die Entwickler von TeslaCrypt dazu übergegangen sind, die neue Ransomware CryptXXX zu verteilen." Which translate into something among the lines of: "During the past weeks the security scientists of ESET discovered that the developers (of Teslacrypt) moved on to spreading the new Ransomware CryptXXX".
It's purely a business decision and has absolutely nothing to do with their conscience. In fact they gave away a master key to a software that has already been decrypted. But at least they said sorry
Actually, if you read it correctly, it says their previous distributors moved on to CryptXXX. That means, the malware companies that had been using TeslaCrypt switched to another cryptography provide, cryptxxx. It doesn't say the authors of teslacrypt have moved to cryptxxx.
No, it says "Entwickler" which means developers. The German text I postet is an unaltered copy paste of the news read on tomshardware.
And it explicitely mentions "Entwickler von TeslaCryp" which means developers of TeslaCrypt. So I'm pretty sure I read it correctly.
