Fraudsters behind ransomware TeslaCrypt have patched the flaws that allowed victims to recover their files without paying them first. In fact, according to researchers, TeslaCrypt 3.0.1, the new version, doesn't have any known flaws at all, making it "impossible" for anyone to crack it.
Security researchers at Cisco Talos report that TeslaCrypt 3.0.1 comes with a very sophisticated cryptographic algorithm. "We can not say it loud and often enough, ransomware has become the black plague of the Internet," researchers wrote in a blog post. "The adversaries are modifying and improving it in every version."
Earlier researchers found vulnerabilities in several older versions of TeslaCrypt, and made tools such as TeslaCrack, TeslaDecrypt, and TeslaDecoder that allowed victims of the TeslaCrypt ransomware to unlock their files without paying the criminals. The feat was considered as a victory of sorts. "Unfortunately, so far we are not aware of any tool which can do the same for this variant of TeslaCrypt," researchers added.
The previous versions of TeslaCrypt stored the private key needed to unlock the device on a user's machine. In the new version, fraudsters generate the key in the victim's computer but then move it to their server.
Ransomware has quickly become one of the biggest security threats. Downloading a ransomware affected app installs a tool on the victim's machine, locking down all of the files, and giving a time frame in which victims must pay, should they want their files back. Over the past two years, this stain of malware has grown sophisticated, now coming stuffed with several popular apps. A BitTorrent client for OS X was recently found compromised with a ransomware.
Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.