A flaw in TeslaCrypt's encryption key storage algorithm – since fixed in version 3.0 – lets the trojan's victims retrieve their files, according to a report in Bleepingcomputer.com.
The report said researchers and other victims have been helping those who've felt TeslaCrypt's sting get their files back over the past month or so. The flaw centered around how encryption keys were stored on a victim's computer and was defeated by the massive computing power of current computers.
As a result, it “was possible to use specialized programs to factorize these large numbers in order to retrieve their prime numbers” then employ “specialized tools…to reconstruct the decryption key,” the report said. “For some victim's this process could take as a little as 5 minutes to complete, while others that had stronger numbers could take days.”
