TeslaCrypt ransomware gives up

In a move that has taken many by surprise, the team behind the ransomware TeslaCrypt have decided to discontinue the malware. In order not to leave any users who haven’t yet paid or been caught out by the malware, they have released the master key which will unlock any files encrypted by TeslaCrypt.

To obtain the key, customers simply have to follow the payment link on their TeslaCrypt infected computer. Instead of asking them for the bitcoin details it now simply says that the project is closed and shows the master key. For those interested it is:

440A241DD80FCC5664E861989DB716E08CE627D8D40C7EA360AE855C727A49EE

Interestingly the screen also shows a message saying that the authors of TeslaCrypt are waiting for other people to make universal decrypt software. It ends with the words “we are sorry!”

The news of all of this was initially announced by researchers at computer security company ESET. In its press release announcing its latest decryptor for TeslaCrypt, ESET discloses how one of its researchers asked for and was given the universal master decryption key. With that in hand they have built their own TeslaCrypt decryptor. Click here to download the file.

They are not the only ones offering a decryptor. Bleeping Computer has reported that TeslaCrypt expert BloodDolly has already updated the TeslaDecoder tool with this information. Like the ESET tool it is also free of charge and can be downloaded here.

Conclusion

There is little information as to why the authors of TeslaCrypt decided to give it up. It was being incredibly successful for them and in their last version they had updated their ransomware with what they called “unbreakable encryption.”

This is far from the end of ransomware as a threat to end users. ESET warns in its press release that users should continue to be on the alert for suspicious files. It’s also important that users continue to backup their important data so that if they are attacked they limit the amount of data that they lose.