{"id":12160,"date":"2016-05-19T09:00:43","date_gmt":"2016-05-19T13:00:43","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=12160"},"modified":"2017-09-24T08:05:42","modified_gmt":"2017-09-24T12:05:42","slug":"teslacrypt-master-key","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/teslacrypt-master-key\/12160\/","title":{"rendered":"Bye-bye, TeslaCrypt: Grand finale"},"content":{"rendered":"

According to the theory of probability, strange things have to happen every now and then: There is a small chance that a particular strange thing might happen and an infinite number of things or events that we would probably call strange. Sometimes these strange things are rather good \u2014 like, for example, the news that the cybercriminals behind the TeslaCrypt ransomware suddenly released<\/a> the master key. Using that master key, anyone can decrypt the files that were encrypted by every version of TeslaCrypt. Just, wow.<\/p>\n

\"Bye-bye,<\/a><\/p>\n

It seems that for some reason the cybercriminals have decided to stop distributing TeslaCrypt \u2014 ransomware that was considered one of the worst so far of its kind. The distribution campaigns that used to bring TeslaCrypt to the victims switched to carrying CryptXXX instead (for which Kaspersky Lab has developed a cure).<\/p>\n

Once the security researchers at ESET noticed that, they decided to use the TeslaCrypt\u2019s TOR support site to ask if the cybercriminals would kindly release the master key \u2026 and they agreed. The now-defunct support site features the master key and notes \u201cProject closed\u201d and \u201cwe are sorry!\u201d<\/p>\n

http:\/\/www.bleepstatic.com\/images\/news\/ransomware\/t\/teslacrypt\/teslacrypt-closed\/teslacrypt-closed.png<\/p>\n

But for an average computer user, the key is of no use without some code. That\u2019s why BleepingComputer user BloodDolly, who had previously tried to make decryption utilities for TeslaCrypt, has used the key to update his TeslaDecoder.<\/p>\n

The utility is rather easy to use. To decrypt your files, you\u2019ll have to enter the key, select the file extension that TeslaCrypt used to encrypt your files, and then choose the destination folder with encrypted files \u2014 or just allow the utility to scan your whole hard drive.<\/p>\n

\n

Master decryption key released for #TeslaCrypt<\/a> #ransomware<\/a> via @threatpost<\/a> https:\/\/t.co\/YTqlZeYZ6z<\/a> pic.twitter.com\/I9wsK2cq3J<\/a><\/p>\n

\u2014 Kaspersky (@kaspersky) May 19, 2016<\/a><\/p><\/blockquote>\n