By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
10alert.com10alert.com10alert.com
  • Threats
    • WordPress ThreatsDanger
    Threats
    A cyber or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. Cyber threats include…
    Show More
    Top News
    How to Fight Rootkits -Kaspersky Daily
    1 year ago
    Faketoken Banking Trojan is Getting Widespread in 55 Countries
    1 year ago
    95% of Android phones can be hacked with one just MMS
    1 year ago
    Latest News
    Update ASAP! Critical Unauthenticated Arbitrary File Upload in MW WP Form Allows Malicious Code Execution
    2 hours ago
    Fake CVE Phishing Campaign Tricks WordPress Users Into Installing Malware
    20 hours ago
    Patchstack Alliance Bounty Program Events for December
    3 days ago
    Your Smart Coffee Maker is Brewing Up Trouble
    3 days ago
  • Fix
    Fix
    Troubleshooting guide you need when errors, bugs or technical glitches might ruin your digital experience.
    Show More
    Top News
    Unscheduled update for WordPress fixes two critical vulnerabilities
    Unscheduled update for WordPress fixes two critical vulnerabilities
    1 year ago
    Windows 11 build 22621.457 (KB5016695) outs in Release Preview Channel
    1 year ago
    How to change time zone on Windows 11
    1 year ago
    Latest News
    How automatically delete unused files from my Downloads folder?
    10 months ago
    Now you can speed up any video in your browser
    10 months ago
    How to restore access to a file after EFS or view it on another computer?
    10 months ago
    18 Proven Tips to Speed Up Your WordPress Site and Improve SEO | 2023 Guide
    11 months ago
  • How To
    How ToShow More
    How to stop, disable, and remove any Android apps — even system ones
    2 days ago
    Bigger, Better, Cooler in a 2U1N form factor
    Bigger, Better, Cooler in a 2U1N form factor
    3 days ago
    Vulnerability in crypto wallets created online in the early 2010s
    4 days ago
    Use Windows 11 features to inspire creativity, speed up everyday tasks
    5 days ago
    Windows brings nostalgia to the holidays with the return of Windows Ugly Sweaters, this year featuring the Bliss backdrop
    6 days ago
  • News
    News
    This category of resources includes the latest technology news and updates, covering a wide range of topics and innovations in the tech industry. From new…
    Show More
    Top News
    How to set HDR (JXR) wallpapers on Windows 11
    4 months ago
    How to extract Zip, RAR, 7z, Tar on Windows 11
    3 months ago
    How to turn Wi-Fi On or Off on Windows 11
    1 month ago
    Latest News
    How to disable news feed from Widgets on Windows 11
    17 mins ago
    How to fix performance issues after upgrading to Windows 11 23H2
    17 mins ago
    How to disable updates on Windows 10 Pro and Home
    1 day ago
    Change screen brightness on Windows 11
    3 days ago
  • Glossary
  • My Bookmarks
Reading: TeslaCrypt 2.0 ransomware improved version
Share
Notification Show More
Aa
Aa
10alert.com10alert.com
  • Threats
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
  • Threats
    • WordPress ThreatsDanger
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
Follow US
ThreatsWordpress Threats

TeslaCrypt 2.0 ransomware improved version

Vitus White
Last updated: 13 October
Vitus White 1 year ago
Share
4 Min Read

Cybercriminals are learning from each other. Take TeslaCrypt, for example. It is a relatively new family of ransomware; its samples were first detected in February 2015. The notable feature of the early TeslaCrypt versions was that malware was targeting not only usual sets of files, including documents, pictures and videos, but games-related file types as well. By that time, it was a rather weak malware due to a couple of its technical flaws.

TeslaCrypt 2.0 ransomware

Despite the fact malware creators scared their victims with the frightful RSA-2048 algorithm, in reality the encryption was not that strong. Moreover, during the encryption process the malware stored encryption keys in a file on the victim’s computer hard drive, making it possible to save the key by interrupting the encryptor’s operation, or to extract the key before the respective area of the disk was overwritten.

But, as was mentioned above, criminals are learning. In the latest TeslaCrypt 2.0 version, which was recently discovered by Kaspersky Lab researchers, malware creators have implemented some new features preventing decryption of stolen files and discovery of malware’s command&control servers.

The best line of #defense against any #ransomware is to have backed up your machines yesterday. https://t.co/cpcBqX1Qy2

— Kaspersky Lab (@kaspersky) January 30, 2015

First, they’ve adopted the sophisticated elliptic curve encryption algorithm from creators of the famous and very troublesome CTB-Locker ransomware. Secondly, they’ve changed the method of key storaging: now they are using the system registry instead of a file on disk.

Thirdly, TeslaCrypt creators have stolen the web page which victims see after their files have been encrypted from another ransomware family, CryptoWall. Of course, all payment credentials are changed, but the rest of the text, which is very effective from a ‘selling’ point of view, is fully copied. By the way, the ransom is rather large: about $500 at the current bitcoin exchange rate.

TeslaCrypt ransomware page

Malware from the TeslaCrypt family is known to be distributed using exploit kits such as Angler, Sweet Orange, and Nuclear. This method of distributing malware works as follows: When a victim visits an infected website, an exploit’s malicious code uses vulnerabilities in the browser (usually in plugins) to install target malware in the system.

#TeslaCrypt 2.0 #ransomware: stronger and more complicated

Tweet

The most affected countries include USA, Germany, UK, France, Italy, and Spain. Kaspersky Lab products detect malware from the TeslaCrypt family, including the latest version discussed above, as Trojan-Ransom.Win32.Bitman. So, our users are not in danger.

TeslaCrypt geography

Our recommendations on counteracting this and other families of ransomware include the following:

  • Create backup copies of all your important files on a regular basis. Copies should be kept on media that are physically disconnected immediately after the backup copying is completed. The last part is important, because the TeslaCrypt and other types of malware encrypt connected drives and network folders as well as the local hard drive.
  • It is crucially important to update your software in a timely fashion, especially the web browser and its plugins.
  • In case a malicious program lands on your system, it will be best addressed by the latest version of a security software with updated databases and activated security modules.

Source: kaspersky.com

Translate this article

TAGGED: Encryption, Malware, PoC, RC4, RTF, Security, Software, Targeted Attack, Threats, Vulnerabilities
Vitus White October 13, 2022 October 7, 2022
Share This Article
Facebook Twitter Reddit Telegram Email Copy Link Print

STAY CONECTED

24.8k Followers Like
253.9k Followers Follow
33.7k Subscribers Subscribe
124.8k Members Follow

LAST 10 ALERT

How to disable news feed from Widgets on Windows 11
News 3 hours ago
How to fix performance issues after upgrading to Windows 11 23H2
News 3 hours ago
Update ASAP! Critical Unauthenticated Arbitrary File Upload in MW WP Form Allows Malicious Code Execution
Update ASAP! Critical Unauthenticated Arbitrary File Upload in MW WP Form Allows Malicious Code Execution
Wordpress Threats 5 hours ago
Fake CVE Phishing Campaign Tricks WordPress Users Into Installing Malware
Fake CVE Phishing Campaign Tricks WordPress Users Into Installing Malware
Wordpress Threats 23 hours ago
How to disable updates on Windows 10 Pro and Home
News 1 day ago

You Might Also Like

News

How to fix performance issues after upgrading to Windows 11 23H2

3 hours ago
Update ASAP! Critical Unauthenticated Arbitrary File Upload in MW WP Form Allows Malicious Code Execution
Wordpress Threats

Update ASAP! Critical Unauthenticated Arbitrary File Upload in MW WP Form Allows Malicious Code Execution

5 hours ago
Fake CVE Phishing Campaign Tricks WordPress Users Into Installing Malware
Wordpress Threats

Fake CVE Phishing Campaign Tricks WordPress Users Into Installing Malware

23 hours ago
News

How to disable updates on Windows 10 Pro and Home

1 day ago
Show More

Related stories

Several Critical Vulnerabilities including Privilege Escalation, Authentication Bypass, and More Patched in UserPro WordPress Plugin
BridesMaid – neuron writes toasts For those very occasions when you need to give out a powerful
The other day Yandex pleased us with the announcement of a new Midi station – an excellent reason to listen
REMIX – remixes of pictures from neural networksCreate, share and correct works
How to download Diablo IV for free and absolutely legallyBlizzard has opened a free
Rostelecom employees were forced to abandon Android and iOS in favor of Aurora.
Previous Next

10 New Stories

How to stop, disable, and remove any Android apps — even system ones
Patchstack Alliance Bounty Program Events for December
Your Smart Coffee Maker is Brewing Up Trouble
Bigger, Better, Cooler in a 2U1N form factor
Change screen brightness on Windows 11
Earn up to $10,000 for Vulnerabilities in WordPress Software
Previous Next
Hot News
How to disable news feed from Widgets on Windows 11
How to fix performance issues after upgrading to Windows 11 23H2
Update ASAP! Critical Unauthenticated Arbitrary File Upload in MW WP Form Allows Malicious Code Execution
Fake CVE Phishing Campaign Tricks WordPress Users Into Installing Malware
How to disable updates on Windows 10 Pro and Home
10alert.com10alert.com
Follow US
© 10 Alert Network. All Rights Reserved.
  • Privacy Policy
  • Contact
  • Customize Interests
  • My Bookmarks
  • Glossary
Go to mobile version
adbanner
AdBlock Detected
Our site is an advertising supported site. Please whitelist to support our site.
Okay, I'll Whitelist
Welcome Back!

Sign in to your account

Lost your password?