TESLACRYPT DECRYPTION TOOL
Talos has created a decryption program to help individuals whose data has been encrypted by the TeslaCrypt ransomware.
TeslaCrypt is a rapidly growing ransomware strain that encodes the victim’s files including photos, videos, documents, saved game files, and demands a ransom from the victim that has to be filled in a set amount of time. After the victim pays the ransom they can download a decryption key that will restore their files, if not, the files are forever lost.
This new decryption tool gives the victim the ability to decrypt their files without paying.
Version 1.0 is able to decrypt all the files encrypted by all version of TeslaCrypt and AlphaCrypt:
- TeslaCrypt 0.x – Encrypts files using an AES-256 CBC algorithm
- AlphaCrypt 0.x – Encrypts files using AES-256 and encrypts the key with EC
- TeslaCrypt 2.x – Same as previous versions, but uses EC to create a weak Recovery key. The application is able to use factorization to recover the victim’s global private key.
- TeslaCrypt 3 & 4 – The latest versions. Able to decrypt thanks to the C&C server EC private key which was recently released.