Security researchers at ESET have published a decryption tool for recent versions of the Teslacrypt ransomware. This was made possible due to the cybercriminals making the master encryption key public after the researchers asked for it nicely.
This wasn’t a random act of kindness from the people behind Teslacrypt. The group had earlier announced that it is winding down operations and leaving the ransomware racket. Acting on this information, an ESET researcher contacted the group through the “official” support channel and asked for the master encryption key. To everyone’s surprise, the key was made public shortly after the request.
ESET warns that ransomware is still a massive threat to computer users and that everyone should keep their software updated with the most recent security fixes; while also using reliable security software.
Nobody knows why the people behind Teslacrypt were so willing to help with undoing their mischief, but it is an interesting glimpse at the mind of a hacker. Where the Teslacrypt team is off to next is unknown; but with any luck it won’t be to work on more ransomware.