TeslaCrypt was a ransomware trojan. It is now defunct, and its master key was released by the developers.
In its early forms, TeslaCrypt targeted game-play data for specific computer games.
Newer variants of the malware also affect other file types.
In its original, game-player campaign, upon infection the malware searched for 185 file extensions related to 40 different games, which include the ''Call of Duty'' series, ''World of Warcraft'', ''Minecraft'' and ''World of Tanks'', and encrypted such files. The files targeted involve the save data, player profiles, custom maps and game mods stored on the victim's hard drives. Newer variants of TeslaCrypt were not focused on computer games alone but also encrypted Word, PDF, JPEG and other files. In all cases, the victim would then be prompted to pay a ransom of $500 worth of bitcoins in order to obtain the key to decrypt the files.
Although resembling CryptoLocker in form and function, TeslaCrypt shares no code with CryptoLocker and was developed independently. The malware infected computers via the Angler Adobe Flash exploit.
Even though the ransomware claimed to use asymmetric encryption, researchers from Cisco's Talos Group found that it actually used symmetric encryption, and developed a decryption tool for it. This "deficiency" was fixed in version 2.0, rendering it impossible to decrypt files affected by TeslaCrypt 2.0.
By November 2015, security researchers from Kaspersky had been quietly circulating word of a new weakness in version 2.0, while carefully keeping that knowledge away from the malware developers so that they could not fix the flaw. As of January 2016, a new version 3.0 was discovered that had fixed the flaw.
A full behavior report, showing BehaviorGraphs and ExecutionGraphs, was published by JoeSecurity.
Shut down
In May 2016, the developers of TeslaCrypt shut down the ransomware and released the master decryption key, thus bringing an end to the ransomware. After a few days, ESET released a public tool to decrypt affected computers at no charge.