Teslacrypt releases master key

Solaris17 · May 19, 2016

IDK if any of the rest of you guys are system/network secop but take a look at this. Thankfully my infrastructure was never hit /hasn't yet with ransomware but take a look at this.

http://www.bleepingcomputer.com/new...al&utm_source=twitter.com&utm_campaign=buffer

holyshit.

Frick · May 19, 2016

That sure is interesting and nice, but as noted they're moving to other encyptions anyway. Don't know how big TeslaCrypt was thogh.

Edit: Google says CryptXXX sucks and can be decrypted. Goooooood, because cryptoware is something I genuinly fear. Not that my browser/security habits are bad, but still.

Solaris17 · May 19, 2016

Frick said:
That sure is interesting and nice, but as noted they're moving to other encyptions anyway. Don't know how big TeslaCrypt was thogh.

Edit: Google says CryptXXX sucks and can be decrypted. Goooooood, because cryptoware is something I genuinly fear. Not that my browser/security habits are bad, but still.

Tesla was one of the bigger ones. I fear it as well. It is very prevalent and we deal with clients all the time that get hit. Though you are also correct in that there are obviously others. The magnitude is a bit bigger than you might think. The article is just now mentioning other variants being explored. But the ecosystem for this kind of infection is already pretty vast. Take a look.

https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml#

They even have variations that are fileless and attack via WMI remotely.

Sasqui · May 19, 2016

Wow truth is stranger than fiction!

MrGenius · May 19, 2016

My questions are does MBAR work, and should I install it?
http://www.bleepingcomputer.com/download/malwarebytes-anti-ransomware/

Seems like the only real/100% working solution to any of it is to make frequent backups on an external drive/storage system.

Solaris17 · May 19, 2016

MrGenius said:
My questions are does MBAR work, and should I install it?
http://www.bleepingcomputer.com/download/malwarebytes-anti-ransomware/

Seems like the only real/100% working solution to any of it is to make frequent backups on an external drive/storage system.

Thats a tough question, MBAR and MBAM do pickup some of the variants, but they really are pumping them out. Definitely cases of being missed. The biggest issue we and Users are facing is that the bread and butter of the crypto malware is that they have the ability and are programmed to search connected drives and UNC paths so they also hit network shares. Unfortunately having something on a separate drive isn't 100% safe any more. Unless of course you disconnect it after you backup.

MrGenius · May 19, 2016

Solaris17 said:
Unless of course you disconnect it after you backup.

Yeah, that's what I meant by that really. I'm mean that's what I do. As soon as the backup completes I unplug the drive and put it in safe keeping. I realize they can get at your other stuff too, if you don't do it like that.

System Name	Rocinante
Processor	I9 14900KS
Motherboard	EVGA z690 Dark KINGPIN (modded BIOS)
Cooling	EK-AIO Elite 360 D-RGB
Memory	64GB Gskill Trident Z5 DDR5 6000 @6400
Video Card(s)	MSI SUPRIM Liquid X 4090
Storage	1x 500GB 980 Pro \| 1x 1TB 980 Pro \| 1x 8TB Corsair MP400
Display(s)	Odyssey OLED G9 G95SC
Case	Lian Li o11 Evo Dynamic White
Audio Device(s)	Moondrop S8's on Schiit Hel 2e
Power Supply	Bequiet! Power Pro 12 1500w
Mouse	Lamzu Atlantis mini (White)
Keyboard	Monsgeek M3 Lavender, Akko Crystal Blues
VR HMD	Quest 3
Software	Windows 11
Benchmark Scores	I dont have time for that.

System Name	Black MC in Tokyo
Processor	Ryzen 5 5600
Motherboard	Asrock B450M-HDV
Cooling	Be Quiet! Pure Rock 2
Memory	2 x 16GB Kingston Fury 3400mhz
Video Card(s)	XFX 6950XT Speedster MERC 319
Storage	Kingston A400 240GB \| WD Black SN750 2TB \|WD Blue 1TB x 2 \| Toshiba P300 2TB \| Seagate Expansion 8TB
Display(s)	Samsung U32J590U 4K + BenQ GL2450HT 1080p
Case	Fractal Design Define R4
Audio Device(s)	Line6 UX1 + some headphones, Nektar SE61 keyboard
Power Supply	Corsair RM850x v3
Mouse	Logitech G602
Keyboard	Cherry MX Board 1.0 TKL Brown
VR HMD	Acer Mixed Reality Headset
Software	Windows 10 Pro
Benchmark Scores	Rimworld 4K ready!

System Name	Rocinante
Processor	I9 14900KS
Motherboard	EVGA z690 Dark KINGPIN (modded BIOS)
Cooling	EK-AIO Elite 360 D-RGB
Memory	64GB Gskill Trident Z5 DDR5 6000 @6400
Video Card(s)	MSI SUPRIM Liquid X 4090
Storage	1x 500GB 980 Pro \| 1x 1TB 980 Pro \| 1x 8TB Corsair MP400
Display(s)	Odyssey OLED G9 G95SC
Case	Lian Li o11 Evo Dynamic White
Audio Device(s)	Moondrop S8's on Schiit Hel 2e
Power Supply	Bequiet! Power Pro 12 1500w
Mouse	Lamzu Atlantis mini (White)
Keyboard	Monsgeek M3 Lavender, Akko Crystal Blues
VR HMD	Quest 3
Software	Windows 11
Benchmark Scores	I dont have time for that.

System Name	Senile
Processor	I7-4790K@4.8 GHz 24/7
Motherboard	MSI Z97-G45 Gaming
Cooling	Be Quiet Pure Rock Air
Memory	16GB 4x4 G.Skill CAS9 2133 Sniper
Video Card(s)	GIGABYTE Vega 64
Storage	Samsung EVO 500GB / 8 Different WDs / QNAP TS-253 8GB NAS with 2x10Tb WD Blue
Display(s)	34" LG 34CB88-P 21:9 Curved UltraWide QHD (34401440) FREE_SYNC*
Case	Rosewill
Audio Device(s)	Onboard + HD HDMI
Power Supply	Corsair HX750
Mouse	Logitech G5
Keyboard	Corsair Strafe RGB & G610 Orion Red
Software	Win 10

System Name	Rocinante
Processor	I9 14900KS
Motherboard	EVGA z690 Dark KINGPIN (modded BIOS)
Cooling	EK-AIO Elite 360 D-RGB
Memory	64GB Gskill Trident Z5 DDR5 6000 @6400
Video Card(s)	MSI SUPRIM Liquid X 4090
Storage	1x 500GB 980 Pro \| 1x 1TB 980 Pro \| 1x 8TB Corsair MP400
Display(s)	Odyssey OLED G9 G95SC
Case	Lian Li o11 Evo Dynamic White
Audio Device(s)	Moondrop S8's on Schiit Hel 2e
Power Supply	Bequiet! Power Pro 12 1500w
Mouse	Lamzu Atlantis mini (White)
Keyboard	Monsgeek M3 Lavender, Akko Crystal Blues
VR HMD	Quest 3
Software	Windows 11
Benchmark Scores	I dont have time for that.

Teslacrypt releases master key

Solaris17

Super Dainty Moderator

Frick

Fishfaced Nincompoop

Solaris17

Super Dainty Moderator

Sasqui

MrGenius

Solaris17

Super Dainty Moderator

MrGenius