To protect Windows users against ransomware, Microsoft has checked hundreds of millions computers for the Tescrypt ransomware. This ransomware appeared first in March this year and encrypts all kinds of files. Users that want to decrypt the files have to pay a ransom of up to $500.
Tescrypt is different from other ransomware because it encrypts files with a range of extensions, including files from iTunes and computer games. In recent weeks ten thousands of Windows users were infected with this ransomware. Tescrypt together with another famous ransomware, Cryptowall, is estimated to be responsible for more than half a million infections on Windows computers in the first half of 2015.
Previous versions of Tescrypt contained a loophole that it made it possible to decrypt files with a free tool provided by Cisco. In new versions this loophole has been closed.
Despite that Microsoft detected fewer infections it nevertheless decided to add detection for the malware in its Malicious Software Removal TOol (MSRT), which is also capable of deleting the ransomware.
The MSRT is a built-in tool in Windows that receives new virus definitions each month in Microsoft's monthly patch cycle. After it receives the new definition it also performs a system scan.
