Here’s some rare good news for victims struggling to unlock files encrypted by the TeslaCrypt ransomware.
You can now decrypt all files locked by TeslaCrypt without paying a ransom.
That means victims no longer need to search endlessly for ways to recover TeslaCrypt-encrypted data. The solution has come directly from an unexpected source: the malware authors themselves.
Since first appearing in March last year, TeslaCrypt was widely used in large-scale malvertising campaigns. The ransomware primarily targeted Windows users, especially PC gamers, encrypting files and demanding payments that typically reached $500 in Bitcoin.
Infections were commonly delivered through compromised websites, malicious advertising networks, and phishing emails.
In a surprising turn, the operators behind TeslaCrypt have apparently shut down their operation. Before disappearing, they released a master decryption key that can unlock files encrypted by the latest versions of the ransomware.
Even more unusual, the master key was released publicly and free of charge, allowing victims to recover their data without paying anything.
One of the TeslaCrypt developers posted the following message on the malware’s dark web site:
Project closed! Master key for decrypt: 440A241DD80FCC5664E861989DB716E08CE627D8D40C7EA360AE855C727A49EE. Wait for other people make universal decrypt software. We are sorry!
The message appeared after an ESET security researcher contacted the attackers, noting that TeslaCrypt activity had dropped sharply and asking whether a decryption key could be released.
Shortly after, the authors provided the master key, and ESET created a free TeslaCrypt ransomware decryptor based on it.
How to Use the TeslaCrypt Master Decryption Key
Using the released master key, security researchers built a dedicated decryptor tool. The utility is available from ESET and includes instructions to help victims restore their files.
