TeslaCrypt Ransomware Maker Shuts Down, Releases Master Key

An anonymous reader writes: The TeslaCrypt ransomware makers have officially closed down shop and apologized for all the damage they have caused in the past. TeslaCrypt upset a lot of gamers as it would locate and encrypt video games on your Windows PC. With the recent decision to shut down, anti-ransomware researchers have been able to create a fool-proof decryption app called TeslaDecoder (Link is a direct download). Now, many of the hard drives rendered useless by the malware are available to use, and almost every file can be accessed using the unlock system. "TeslaCrypt's website was on the Tor network and now consists of a master key and an apology," writes TechCrunch.

Vigilante Justice

[johnsmithperson123]

Probably something like this: Hello. I am a Gray Hat Hacker. Pay me $5000 and write a program that unlocks all your ransomware, and I might forget to turn you in.

Re:how are people getting infected?

[Opportunist]

The currently most popular way is you getting a mail entitled "invoice" or "last warning" from some party that you might have actually ordered something from (Amazon, EBay, Paypal...), with a file invoice.pdf.exe attached.

And since Windows STILL in its unending wisdom does NOT show file extensions in the default setting for some godforsaken reason, and since you can freely choose what icons you want your executable file to display... you get the idea, I'm sure.

Re:how are people getting infected?

Then again, using any part of the file name to denote MIME type is brain dead. Microsoft's problem is they only hid extensions instead of fixing the OS to handle files properly.