New TeslaCrypt ransomware version impossible to crack

vbimport

#1

We’ve just posted the following news: New TeslaCrypt ransomware version impossible to crack

The cybercriminals behind the TeslaCrypt ransomware have released a new version that is impossible to crack by security researchers. TeslaCrypt encrypts files on infected systems and asks for a ransom in order to decrypt them.

Read the full article here: [http://www.myce.com/news/new-teslacrypt-ransomware-version-impossible-crack-78889/](http://www.myce.com/news/new-teslacrypt-ransomware-version-impossible-crack-78889/)

Please note that the reactions from the complete site will be synched below.

#2

With how sophisticated ransomware has become including targeting external storage media, writable network drives and so on, it looks like optical media is probably the safest backup medium.

For example, if someone unsuccessfully tries removing a ransomware infection and plugs in their USB hard disk to recover the files that were encrypted, the hidden infection could start encrypting the contents of the hard disk before making a surprise reappearance demanding another ransom.

However, at least with recordable discs, assuming they’re still fully readable, the infection cannot tamper with the disc’s content.


#3

Yeah, first of all you should have information backed up on an external drive or at least not running on the computer. Then you are somewhat protected. But for long term storage, real important data should be burned on CDs or DVDs, and then do a re-burn of that disc every five years or so.

But it is kind of nasty that they are targeting external drives too, like USB etc.

But the real important data is not that big in size so there is no reason not to have a final backup on a burned disc.


#4

Backup is a must…

I think the Cisco Talos blog entry should have included registry entries and files as stated in the comments.

TeslaCrypt v3.0=
Registry
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\meryHmas
"C:\Users\[username]\AppData\Roaming\[randomfilename].exe"
Path
C:\Users\[username]\AppData\Roaming\[randomfilename].exe

v3.0.1=???

I must say the encryption looks very advanced. There is a good blog discussing Elliptic Curve Diffie-Hellman here if you are interested in a more thorough read on the subject also including possible weaknesses.
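A check built on the v3.0 indicators listed in post #4, as an added example that is not part of the original post or of the Cisco Talos write-up. It reads saved text output of `reg query HKCU\Software\Microsoft\Windows\CurrentVersion\Run` and flags the reported value name, and goes one step beyond the post by also flagging any Run entry whose .exe sits directly in AppData\Roaming. The function names, the sample user and the sample file names are constructed for illustration.

```python
import re
from ntpath import dirname, normcase

# Value name reported in the post for TeslaCrypt v3.0 (compared case-insensitively).
KNOWN_VALUE_NAMES = {"meryhmas"}
# One value line of `reg query` text output: 4 spaces, name, type, data.
VALUE_LINE = re.compile(r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")
# Executable path at the start of a Run command, quoted or unquoted.
EXE_PATH = re.compile(r'^\s*"?(?P<path>[A-Za-z]:\\[^"]*?\.exe)"?(?:\s|$)', re.I)
# Folder pattern from the post: <profile>\AppData\Roaming itself, no subfolder.
ROAMING_ROOT = re.compile(r"^[a-z]:\\users\\[^\\]+\\appdata\\roaming$")

# Constructed sample output (not taken from a real host).
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Users\alice\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    Chat    REG_SZ    C:\Users\alice\AppData\Roaming\Chat\chat.exe --minimized
    meryHmas    REG_SZ    "C:\Users\alice\AppData\Roaming\qxvbnd.exe"
    updater    REG_SZ    C:\Users\alice\AppData\Roaming\wlrmtk.exe
"""

def parse_run_values(reg_output):
    """Yield (name, data) for each value line in `reg query` text output."""
    for line in reg_output.splitlines():
        m = VALUE_LINE.match(line)
        if m:
            yield m.group("name"), m.group("data").strip()

def suspicious_run_entries(reg_output):
    """Return [(name, exe_path, reasons)] for Run values worth a closer look."""
    findings = []
    for name, data in parse_run_values(reg_output):
        reasons = []
        if name.lower() in KNOWN_VALUE_NAMES:
            reasons.append("value name listed for v3.0")
        m = EXE_PATH.match(data)
        path = m.group("path") if m else None
        # Installed software normally lives in a subfolder of Roaming, so an
        # .exe in the Roaming root is unusual (heuristic, not proof of infection).
        if path and ROAMING_ROOT.match(normcase(dirname(path))):
            reasons.append("exe directly in AppData\\Roaming")
        if reasons:
            findings.append((name, path, reasons))
    return findings

if __name__ == "__main__":
    for name, path, reasons in suspicious_run_entries(SAMPLE):
        print(f"{name}: {path} ({'; '.join(reasons)})")
```

Because the post gives no indicators for v3.0.1 and the file name is random, the folder heuristic is the part that carries over when the value name changes.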


#5

The cybercriminals behind the TeslaCrypt ransomware have released a new version that is impossible to crack by security researchers.
I heard this before… like anything, if you can make it they can also break it… cybercriminals will make a mistake and they will find the solution. It’s not a one-way road; just cause you can make it, someone can break it as well. Someone was probably waiting for this to come along to show them cybercriminals aren’t the only brains in the room.