Fraudsters behind ransomware TeslaCrypt have patched the flaws that allowed victims to recover their files without paying them first. In fact, according to researchers, TeslaCrypt 3.0.1, the new version, doesn’t have any known flaws at all, making it “impossible” for anyone to crack it.
Security researchers at Cisco Talos report that TeslaCrypt 3.0.1 comes with a very sophisticated cryptographic algorithm. “We can not say it loud and often enough, ransomware has become the black plague of the Internet,” researchers wrote in a blog post. “The adversaries are modifying and improving it in every version.”
Earlier researchers found vulnerabilities in several older versions of TeslaCrypt, and made tools such as TeslaCrack, TeslaDecrypt, and TeslaDecoder that allowed victims of the TeslaCrypt ransomware to unlock their files without paying the criminals. The feat was considered as a victory of sorts. “Unfortunately, so far we are not aware of any tool which can do the same for this variant of TeslaCrypt,” researchers added.
The previous versions of TeslaCrypt stored the private key needed to unlock the device on a user’s machine. In the new version, fraudsters generate the key in the victim’s computer but then move it to their server.
Ransomware has quickly become one of the biggest security threats. Downloading a ransomware affected app installs a tool on the victim’s machine, locking down all of the files, and giving a time frame in which victims must pay, should they want their files back. Over the past two years, this stain of malware has grown sophisticated, now coming stuffed with several popular apps. A BitTorrent client forOS X was recently found compromised with a ransomware.
Download the Gadgets 360 app for Android and iOS to stay up to date with the latest tech news, product reviews, and exclusive deals on the popular mobiles.