Teslacrypt RIP: Cisco Talos decryptor on the job

All files encrypted with Teslacrypt files can now be decrypted.
All files encrypted with Teslacrypt files can now be decrypted.

Cisco Talos stated today that it has a Teslacrypt decryptor tool up and running and ready for download that will work against any variant of this ransomware.

This is the latest progress made against this nasty malware that was first introduced in 2015 with the latest update striking victims in March 2016 when Teslacrypt 4.0 was released into the wild.

“Ransomware is a constantly growing threat, but with respect to TeslaCrypt, the battle is effectively over in that there is a decryptor for all versions of this ransomware variant,” Cisco Talos wrote.

The ransomware was hit with a near fatal blow in May when its authors released the master decryptor keys. During its heyday Teslacrypt was delivered through a variety of websites including Joomla and WordPress.

However, Teslacrypt might not be down for the count. Limor Kessem, IBM's cybersecurity evangelist noted the software could be updated.

"TeslaCrypt can easily come back with a new version and a new key, if only its operators so chose to do. There must be something else happening with those behind TeslaCrypt, which has made them abandon the scene either for the time being, or for good," she told SCMagazine in an email.

Updated to include Limor Kessem comments.
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS