Victims of the widespread TeslaCrypt ransomware are in fortune: Security researchers have created an application that can decrypt files changed by recent variants of the malicious software.
Astonishingly, the TeslaCrypt creators themselves helped the research workers.
TeslaCrypt appeared in early 2015 and stood out by targeting game-related user content, such as save custom maps and files, along with private documents and images - 185 different file extensions in total.
The software had some reasonable success initially, making its creators $76, 522 in less than two months. Nevertheless, in April 2015, research workers from Cisco Systems found a flaw in the ransomware software that allowed them to create a decryption application for some of its variations.
The number of TeslaCrypt attacks spiked in December and beginning with version 3.0.1 of the software, which appeared in March, all encryption flaws were repaired and the existing decryption software were rendered useless. That continued until Wednesday.
Research workers from security vendor ESET have recently managed to get a copy of TeslaCrypt's master key, enabling them to create a brand new decryption application that is capable of recovering files changed by the newer variants of TeslaCrypt (3.0 and higher). They did not do this by exploiting a vulnerability in the software or its command-and-control servers, but by asking its creators for it.