By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
10alert.com10alert.com
  • Threats
    • WordPress ThreatsDanger
    Threats
    A cyber or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. Cyber threats include…
    Show More
    Top News
    What is an Exploit? -Kaspersky Daily
    8 months ago
    Darkhotel APT in luxury Asian hotels
    8 months ago
    Kaspersky Lab expert Andrey Pozhogin answers questions about ransomware
    8 months ago
    Latest News
    Triangulation: Trojan for iOS | Kaspersky official blog
    5 days ago
    Wordfence Intelligence Weekly WordPress Vulnerability Report (May 22, 2023 to May 28, 2023)
    5 days ago
    Safeguards against firmware signed with stolen MSI keys
    7 days ago
    WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
    7 days ago
  • Fix
    Fix
    Troubleshooting guide you need when errors, bugs or technical glitches might ruin your digital experience.
    Show More
    Top News
    Keylogger found on 5500 sites running WordPress
    Keylogger found on 5500 sites running WordPress
    8 months ago
    Windows 11 build 22622.575 (KB5016694) releases in the Beta Channel
    8 months ago
    How to create restore point on Windows 11
    8 months ago
    Latest News
    How automatically delete unused files from my Downloads folder?
    4 months ago
    Now you can speed up any video in your browser
    4 months ago
    How to restore access to a file after EFS or view it on another computer?
    4 months ago
    18 Proven Tips to Speed Up Your WordPress Site and Improve SEO | 2023 Guide
    5 months ago
  • How To
    How ToShow More
    Nine years of Project Galileo and how the last year has changed it
    Nine years of Project Galileo and how the last year has changed it
    16 hours ago
    Dynamic data collection with Zaraz Worker Variables
    Dynamic data collection with Zaraz Worker Variables
    4 days ago
    Reduce latency and increase cache hits with Regional Tiered Cache
    Reduce latency and increase cache hits with Regional Tiered Cache
    5 days ago
    Cloudflare is deprecating Railgun
    Cloudflare is deprecating Railgun
    5 days ago
    What is two-factor authentication | Kaspersky official blog
    1 week ago
  • News
    News
    This category of resources includes the latest technology news and updates, covering a wide range of topics and innovations in the tech industry. From new…
    Show More
    Top News
    How to add Vkontakte middle name?
    8 months ago
    How to prevent applications from running in the background on Windows 10?
    8 months ago
    Do you know how to reinstall Windows from a flash drive?
    8 months ago
    Latest News
    How to generate SSH keys on Windows 11
    6 hours ago
    How to enable file sharing on WSA for Windows 11
    6 hours ago
    How to add CPU, GPU, RAM widgets on Windows 11
    4 days ago
    How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
    1 week ago
  • Glossary
  • My Bookmarks
Reading: The new epidemic of TeslaCrypt ransomware
Share
Notification Show More
Aa
Aa
10alert.com10alert.com
  • Threats
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
  • Threats
    • WordPress ThreatsDanger
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
Follow US
ThreatsWordpress Threats

The new epidemic of TeslaCrypt ransomware

Vitus White
Last updated: 13 October
Vitus White 8 months ago
Share
7 Min Read

Malware development and our attempts to fight it sometimes remind us of a deep TV series: one can trace how “characters” acquire new skills, overcome hardships and make new achievements. It seems that now the third season of the TeslaCrypt series is released.
TeslaCrypt: Round Three

TeslaCrypt is first discussed in February 2015, when this Trojan compromised PCs of certain groups of gamers encrypting their files. It asked for about $500 for bringing data back to the owners.
The newly-released Trojan was created on the base of another dangerous ransomware called CryptoLocker. Back then criminals used a relatively weak encryption algorithm, which could be hacked. The Trojan stored decryption keys in a separate file on the victim’s hard drive, so one could find them without effort. In the end users of BleepingComputer forum created TeslaDecoder software, which helped victims decrypt their files without any ransom.

PSA: TeslaDecoder released to decrypt .EXX, .EZZ, .ECC files encrypted by TeslaCrypt http://t.co/zVUR3dVrjX #reddit #bitcoin

— Bitcoin Firehose (@bitcoinfirehose) May 21, 2015

It would be wonderful, if the first season would flop and thereby the series would come to the end. But cybercriminals expanded it and released TeslaCrypt 2.0 — an updated and upgraded version, which was detected by Kaspersky Lab in July, 2015. This version uses a significantly improved encryption scheme, which is still impossible to hack. Moreover, the updated malware doesn’t store keys in a separate file — it uses the system registry instead.

#news #gaming TeslaCrypt 2.0 ransomware: stronger and more dangerous https://t.co/agvUXU5J5t pic.twitter.com/rIZ1XqfHw6

— Kaspersky Lab (@kaspersky) July 14, 2015

Victims who have found keys somehow can still use the TeslaDecoder to bring their files back. But without a key this useful software turns to be absolutely helpless.
Recently, a new season epidemic took place. TeslaCrypt 2.2.0 entered – stage left. Currently, a malicious mailing campaign is in full effect: users all over the world receive fake payment notifications. Deceived people install Angler exploit kit, which downloads the new version of TeslaCrypt. A lot of corporate users fall for these fake emails, as it’s quite a common thing for almost any employee to forget about one of thousands invoices.

#HowTo: Open Unknown Attachments http://t.co/nW1DrX9CNr #security #antivirus

— Kaspersky Lab (@kaspersky) May 21, 2014

Besides, cybercriminals launched a wide-scale campaign to infect WordPress websites, including the blog for the UK’s newspaper, The Independent. Angler was once again to blame for this incident. The exploit downloaded either TeslaCrypt or another Trojan called BEDEP, which in turn downloaded the infamous CryptoLocker.
According to Trend Micro, the blog was infected on November 21. Employees solved the problem and recently (December 9) redirected users to the main page of the newspaper.
Representatives of The Independent stated, that only a few visited infected page as it was very old and that there were no signs that anybody could have been infected from the the Trojan on their site. With that said, the total number of users, who were directed to the page with the Trojan hit 4,000+ per day. If visitors did not have fresh Adobe Flash updates, Angler could have used the vulnerability and infected their systems.

News with a side of #ransomware —“The Independent” blog hacked, leads to TeslaCrypt: https://t.co/4kFz0JPv9Y

— Trend Micro (@TrendMicro) December 9, 2015

This time cyber criminals have changed their aim, and targeted companies, not home users. According to Heimdal Security, new ransomware terrorizes European corporations. We’ve also tracked a huge splash of activity in Japan. It’s also impossible to tell which country will be the next victim.
If you want to protect yourself from ransomware or at least decrease the potential harm, we highly recommend you to follow these tips.

#Ransomware is #digital #extortion – tips to avoid falling victim to it https://t.co/HoCO7kXuhX #itsec pic.twitter.com/PkYl8QXscU

— Kaspersky Lab (@kaspersky) December 9, 2015

  1. Use up-to-date security solutions. For example, Kaspersky Internet Security and Kaspersky Total Security have built-in System Watcher module, which doesn’t allow ransomware to encrypt data, thereby making users invulnerable to TeslaCrypt.
  2. Always install software updates. Various bugs and vulnerabilities are often found in office software suites, browsers and Adobe Flash. Updates and patches, which “treat” security holes are also released on the regular basis. Fresh updates increase your security by times.
  3. Make regular backups. For example, Kaspersky Total Security can minimize efforts needed for that. Even if all security measures turn to be fruitless and your system is infected, you’ll be able to clear the system with the help of the antivirus and restore files from backups.

Kaspersky Total Security Review: Full-featured #parentalcontrol, #firewall, and backup http://t.co/B1RxogW5Lx via @PCMag

— Kaspersky Lab (@kaspersky) February 6, 2015

If you are a victim of ransomware, who is looking for the solution to the problem, we regret to say that there is no universal treatment. If you have a key, you can use the previously mentioned TeslaDecoder or a similar tool provided by Cisco.
Without a key it’s almost impossible to do something. Nevertheless, we highly recommend that you don’t pay the ransom if possible. If people do not pay, ransomware business will be unprofitable and cybercriminals will have less motivation to release the next season of ransomware series.


Source: kaspersky.com

Translate this article

TAGGED: Encryption, Malware, RC4, Security, Software, Targeted Attack, Threats, Vulnerabilities, WordPress
Vitus White October 13, 2022 October 7, 2022
Share this Article
Facebook Twitter Reddit Telegram Email Copy Link Print

STAY CONECTED

24.8k Followers Like
253.9k Followers Follow
33.7k Subscribers Subscribe
124.8k Members Follow

LAST 10 ALERT

How to generate SSH keys on Windows 11
News 9 hours ago
How to enable file sharing on WSA for Windows 11
News 9 hours ago
Nine years of Project Galileo and how the last year has changed it
Nine years of Project Galileo and how the last year has changed it
Apps 16 hours ago
Dynamic data collection with Zaraz Worker Variables
Dynamic data collection with Zaraz Worker Variables
Apps 4 days ago
How to add CPU, GPU, RAM widgets on Windows 11
News 5 days ago

Recent Posts

  • How to generate SSH keys on Windows 11
  • How to enable file sharing on WSA for Windows 11
  • Nine years of Project Galileo and how the last year has changed it
  • Dynamic data collection with Zaraz Worker Variables
  • How to add CPU, GPU, RAM widgets on Windows 11

You Might Also Like

News

How to generate SSH keys on Windows 11

9 hours ago
Nine years of Project Galileo and how the last year has changed it
Apps

Nine years of Project Galileo and how the last year has changed it

16 hours ago
Dynamic data collection with Zaraz Worker Variables
Apps

Dynamic data collection with Zaraz Worker Variables

4 days ago
Cloudflare is deprecating Railgun
Apps

Cloudflare is deprecating Railgun

5 days ago
Show More

Related stories

How to Use Cloudflare to Secure Your WordPress Site
How To Starting Chrome from the command line
How to fix error 0x80070057 in Chrome?
Windows 10 How To Disable Slide to Shutdown
Windows search not working (FIX)
How to watch movies and TV series for free on Kinopoisk?
Previous Next

10 New Stories

Reduce latency and increase cache hits with Regional Tiered Cache
Cloudflare is deprecating Railgun
Triangulation: Trojan for iOS | Kaspersky official blog
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 22, 2023 to May 28, 2023)
Safeguards against firmware signed with stolen MSI keys
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
Previous Next
Hot News
How to generate SSH keys on Windows 11
How to enable file sharing on WSA for Windows 11
Nine years of Project Galileo and how the last year has changed it
Dynamic data collection with Zaraz Worker Variables
How to add CPU, GPU, RAM widgets on Windows 11
10alert.com10alert.com
Follow US

© 10 Alert Network. All Rights Reserved.

  • Privacy Policy
  • Contact
  • Customize Interests
  • My Bookmarks
  • Glossary
Go to mobile version
adbanner
AdBlock Detected
Our site is an advertising supported site. Please whitelist to support our site.
Okay, I'll Whitelist
Welcome Back!

Sign in to your account

Lost your password?