Threat Management, Data Security, Encryption, Vulnerability Management

TeslaCrypt encryption key storage algorithm flaw lets victims retrieve files

A flaw in TeslaCrypt's encryption key storage algorithm – since fixed in version 3.0 – lets the trojan's victims retrieve their files, according to a report in Bleepingcomputer.com.

The report said researchers and other victims have been helping those who've felt TeslaCrypt's sting get their files back over the past month or so. The flaw centered around how encryption keys were stored on a victim's computer and was defeated by the massive computing power of current computers. 

As a result, it “was possible to use specialized programs to factorize these large numbers in order to retrieve their prime numbers” then employ “specialized tools…to reconstruct the decryption key,” the report said.  “For some victim's this process could take as a little as 5 minutes to complete, while others that had stronger numbers could take days.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.