TeslaCrypt Ransomware Maker Shuts Down, Releases Master Key (techcrunch.com)
An anonymous reader writes: The TeslaCrypt ransomware makers have officially closed down shop and apologized for all the damage they have caused in the past. TeslaCrypt upset a lot of gamers as it would locate and encrypt video games on your Windows PC. With the recent decision to shut down, anti-ransomware researchers have been able to create a fool-proof decryption app called TeslaDecoder (Link is a direct download). Now, many of the hard drives rendered useless by the malware are available to use, and almost every file can be accessed using the unlock system. "TeslaCrypt's website was on the Tor network and now consists of a master key and an apology," writes TechCrunch.
TeslaCrypt got hacked.
Now that their toy is broken, they're not going to play with it anymore. They promise, they feel bad. More likely they're just tooling up a new one and will go back to their evil ways.
...but they didn't turn themselves in, and they didn't return their ill-gotten gains, so they're still scumbags.
Sure. But how often do you get any sort of an apology like this? With all the ugly shit going on all over the world, isn't it a little refreshing that someone actually says they're sorry and makes at least some token amends for their actions? Small consolation or not.
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
Probably something like this: Hello. I am a Gray Hat Hacker. Pay me $5000 and write a program that unlocks all your ransomware, and I might forget to turn you in.
It smells more like someone came to their door and said "Dude. Listen. This is our biz. We do the ransomware racket on this planet. We encrypt people's stuff and they pay us. You will now close shop and if we notice that any bitcoin that was supposed to go to us goes to you, well, your kidneys are worth a pretty bitcoin too".
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
The currently most popular way is you getting a mail entitled "invoice" or "last warning" from some party that you might have actually ordered something from (Amazon, eBay, PayPal...), with a file invoice.pdf.exe attached.
And since Windows STILL in its unending wisdom does NOT show file extensions in the default setting for some godforsaken reason, and since you can freely choose what icons you want your executable file to display... you get the idea, I'm sure.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
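The double-extension trick described in the comment above (invoice.pdf.exe shown as invoice.pdf when extensions are hidden), as an added example that is not part of the original thread: a mail-gateway style check on attachment names. The extension lists, function names and sample file names are constructed for illustration and are not exhaustive.

```python
import os

# Extensions Windows runs directly or hands to a script host (constructed, non-exhaustive).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs", ".wsf"}
# Extensions a recipient reads as "just a document" (constructed, non-exhaustive).
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg", ".png", ".zip"}


def displayed_name(filename):
    """Name as Explorer shows it while known extensions are hidden (the default)."""
    stem, ext = os.path.splitext(filename)
    return stem if ext else filename


def check_attachment(filename):
    """Return (verdict, reason) for a single attachment file name."""
    name = filename.strip()
    # Windows treats extensions case-insensitively, so compare in lower case.
    stem, real_ext = os.path.splitext(name.lower())
    if real_ext not in EXECUTABLE_EXTS:
        return ("allow", "final extension is not executable")
    # The last extension is what runs; the one before it is what the user sees.
    _, decoy_ext = os.path.splitext(stem)
    if decoy_ext in DECOY_EXTS:
        return ("block", "executable %s behind decoy %s, displayed as %r"
                % (real_ext, decoy_ext, displayed_name(name)))
    return ("quarantine", "executable attachment (%s)" % real_ext)


if __name__ == "__main__":
    # Constructed sample attachment names.
    for sample in ["invoice.pdf.exe", "Invoice.PDF.EXE", "report.pdf",
                   "setup.exe", "photo.final.jpg"]:
        verdict, reason = check_attachment(sample)
        print("%-18s %-10s %s" % (sample, verdict, reason))
```
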
Different sources, and the TeslaCrypt makers don't really have to care: The malware world has become a real economy with specialisation, and everyone provides different services. One can do really good email phishing attacks, the other one has hacked a service and sells off the databases. Some sell access to hacked computers, and others write and sell ransomware.
So the vector which gets the malware onto the computers is as different as the customers of the ransomware: it may come to you via an email attachment that is a Microsoft Word macro, or it may use some Adobe Flash zero day on some infected website. Doesn't have to be a zero day, if your computer isn't up to date, it might be an old CVE as well! And yeah it may ship with pirated games too.
And since Windows STILL in its unending wisdom does NOT show file extensions in the default setting for some godforsaken reason
The hiding of extensions still stands as one of the WORST, most misguided things they ever did. And there is no reason for it, none, zero, zip, nada.
Just cruising through this digital world at 33 1/3 rpm...
Then again, using any part of the file name to denote MIME type is brain dead. Microsoft's problem is they only hid extensions instead of fixing the OS to handle files properly.
At the hosts file? How do you block malware at the hosts file? Is there someone on Slashdot who could tell me more about hosts files?