Reefa Posted March 17, 2016

If TeslaCrypt invades your system, you'll have to pay.

What do developers do after discovering a software vulnerability? Why, patch it, of course. Ironically, criminals have learned that lesson too, as one gang has updated the notorious TeslaCrypt ransomware with new features that are impossible to crack, according to Cisco's Talos security arm. That means users infected with the latest version (3.01) of the malware can no longer use white hat-engineered software to get their files back. Until someone finds a new solution -- and that seems unlikely -- victims will have to pay.

Companies like Kaspersky and Cisco's Talos have reverse-engineered various pieces of ransomware, helping corporate clients and anyone else rescue files without paying. The security community has also developed better detection and distribution disruption methods for the scourge. According to Talos, "this has lead adversaries to iterating and improving upon the previous release of TeslaCrypt."

Previously, it stored the private key needed to unlock files on your own machine. However, after generating the key locally, TeslaCrypt 3.01 transfers it to the bad guy's server and deletes it from your PC. As a result, "the private key never has to leave the [attacker's] server and the ransomware uses a different key for each victim," according to Talos. With the 256-bit key nowhere to be found and impossible to brute force, the only way you can get your files is to pay. "We can not say it loud and often enough, ransomware has become the black plague of the internet, spread by highly sophisticated exploit kits and countless spam campaigns," Talos says.

Attackers are going after bigger targets that can afford to pay more, with potentially catastrophic consequences, as we saw at a Hollywood hospital. The best defense is to back up your files, but even that might not help. The FBI recently said that "in a new scheme, cyber criminals attempt to infect whole networks with ransomware and use persistent access to locate and delete network backups."

knowledge-Spammer Posted March 17, 2016

Too much ransomware nowadays, what's going on?

steven36 Posted March 17, 2016

Backup of everything on an external hard drive and unplug it every day like I do, and reformat if it happens and don't pay them nothing. Every time you boot into Windows there's a risk that it could malfunction and you lose everything anyways. I learned this a long time ago. Don't put all your eggs in one basket.

straycat19 Posted March 17, 2016

If, and I say this tongue in cheek because I can't bite my tongue as I say it, you have a good security program (I am not talking about software but a system of security procedures) and your users follow those procedures (and they will if the punishment for not doing so is immediate termination) then ransomware is no longer an issue.

Personally, in an organization with 20,000 plus computers I have seen two cases of ransomware. One was on a contract affiliate's system that was not maintained by us and the other was a user at a remote location who obviously had too much time to surf the internet and ignored our security policy completely by clicking on a hyperlink in an email. In the first case we were providing the affiliate with a folder on a server and her folder contents were also encrypted. In the second case only the user's computer was affected since she did not have access to our servers. Of course we have daily backups of all our servers and we have external drives for all our computers which are set up to do a daily Windows backup.

Personally I have 5 NAS units at home with a total backup capacity of 122 TB which are secured by a login and password, so if one of my systems did get ransomware it would not be able to write to the NAS without me actually logging into one of them and in essence granting the malware access, which isn't going to happen.

steven36 Posted March 17, 2016

Thing is you're not talking to a company, you're talking to mostly home users who read the PC-centric news every day. I won't never be clicking on emails unless I sent for that email or know the person, and I use a fake email for most things. Most of us are not noobs and we're not business users, we're home users, and only ITs can implement security at work, and unless we work as an IT we have no say at work. And a company's security is only as good as its IT. If they have a bad or lazy IT, they have bad security.

Most topics I post about how to implement security for business are not very popular, because it's of no use to the average user; it would only interest another IT. But most likely it would not interest them very much because most think they know more than everyone else and they are not willing to learn new things. The smarter ones that I find interesting are the ones that didn't go to school for it and did it in the real world, and the thing is, because of a company's requirements they can't hire some of the most qualified that know much more than any IT there; they're missing out.

pc71520 Posted March 18, 2016

22 hours ago, knowledge said: "Too much ransomware, nowadays. What's going on?"

Over-exaggeration and marketing...

Kalju Posted March 18, 2016

It is really strange that some say again that it does not threaten them, that they have a good anti-virus and so on. You will get this problem by opening an absolutely normal file, no matter what it may be. It is usually some kind of bill that you get and open. Naturally, such a bill is from an unknown sender. Usually it is empty, or it notifies you that something is missing and it cannot open, and you are prompted to open something else. The thing ends so that unfortunately it cannot be opened.

Of course, you may pay or not pay, it does not change anything. These messages are not sent just one or two at a time, but in millions. Nobody knows what code was used when someone's files were encrypted. Do you suppose that there is an accounting? It is also known where it began and who the leader is, but it is not appropriate to say here, I think. The main character is a fugitive, but hardly anything depends on whether he is apprehended or not.

So, make copies, if you are afraid; do not open unknown emails and invoices; do not open suggested links if you don't know who suggested them and why it is needed. Nothing else protects you and your files in any way; most likely your encrypted files can never be opened. (Just yesterday I heard the latest news on the matter.)

This topic is now archived and is closed to further replies.