A dangerous piece of PC ransomware is now impossible to crack

If TeslaCrypt invades your system, you'll have to pay.

What do developers do after discovering a software vulnerability? Why, patch it, of course. Ironically, criminals have learned that lesson too, as one gang has updated the notorious TeslaCrypt ransomware with new features that are impossible to crack, according to Cisco's Talos security arm. That means users infected with the latest version (3.01) of the malware can no longer use white hat-engineered software to get their files back. Until someone finds a new solution -- and that seems unlikely -- victims will have to pay.

Companies like Kaspersky and Cisco's Talos have reverse-engineered various pieces of ransomware, helping corporate clients and anyone else rescue files without paying. The security community has also developed better methods for detecting the scourge and disrupting its distribution. According to Talos, "this has led adversaries to iterating and improving upon the previous release of TeslaCrypt."

Previously, TeslaCrypt stored the private key needed to unlock files on your own machine. However, after generating the key locally, TeslaCrypt 3.01 transfers it to the bad guy's server and deletes it from your PC. As a result, "the private key never has to leave the [attacker's] server and the ransomware uses a different key for each victim," according to Talos. With the 256-bit key nowhere to be found and impossible to brute force, the only way you can get your files back is to pay.

"We can not say it loud and often enough, ransomware has become the black plague of the internet, spread by highly sophisticated exploit kits and countless spam campaigns," Talos says. Attackers are going after bigger targets that can afford to pay more, with potentially catastrophic consequences, as we saw at a Hollywood hospital. The best defense is to back up your files, but even that might not help. The FBI recently said that "in a new scheme, cyber criminals attempt to infect whole networks with ransomware and use persistent access to locate and delete network backups."
