Movatterモバイル変換

[0]ホーム
URL:

Jump to content
WikipediaThe Free Encyclopedia
Search

TeslaCrypt

From Wikipedia, the free encyclopedia
Defunct Ransomware
TeslaCrypt
Technical name
TypeRansomware
SubtypeCryptovirus
ClassificationTrojan horse
Technical details
PlatformWindows

TeslaCrypt was aransomwaretrojan. It is now defunct, and its master key was released by the developers.

In its early forms, TeslaCrypt targeted game-play data for specificcomputer games.[3][4][5][6] Newer variants of the malware also affect other file types.

In its original, game-player campaign, upon infection the malware searched for 185 file extensions related to 40 different games, which include theCall of Duty series,World of Warcraft,Minecraft andWorld of Tanks, and encrypted such files. The files targeted involve the save data, player profiles, custom maps andgame mods stored on the victim's hard drives. Newer variants of TeslaCrypt were not focused on computer games alone but also encrypted Word, PDF, JPEG and other files. In all cases, the victim would then be prompted to pay a ransom of $500 worth ofbitcoins in order to obtain the key to decrypt the files.[4][7]

Although resemblingCryptoLocker in form and function, Teslacrypt shares no code with CryptoLocker and was developed independently. The malware infected computers via the AnglerAdobe Flash exploit.[4][8]

Even though the ransomware claimed TeslaCrypt used asymmetric encryption, researchers from Cisco's Talos Group found that symmetric encryption was used and developed a decryption tool for it.[9] This "deficiency" was changed in version 2.0, rendering it impossible to decrypt files affected by TeslaCrypt-2.0.[10]

By November 2015, security researchers from Kaspersky had been quietly circulating that there was a new weakness in version 2.0, but carefully keeping that knowledge away from the malware developer so that they could not fix the flaw.[11] As of January 2016, a new version 3.0 was discovered that had fixed the flaw.[12]

A full behavior report, which shows BehaviorGraphs and ExecutionGraphs was published by JoeSecurity.[13]

Shut down

[edit]

In May 2016, the developers of TeslaCrypt shut down the ransomware and released the master decryption key, thus bringing an end to the ransomware.[14] After a few days,ESET released a public tool to decrypt affected computers at no charge.[15]

References

[edit]
  1. ^"Trojan.TeslaCrypt Description | F-Secure Labs".www.f-secure.com.
  2. ^"RANSOM_CRYPTESLA - Threat Encyclopedia - Trend Micro USA".www.trendmicro.com.
  3. ^Abrams, Lawrence (27 February 2015)."New TeslaCrypt Ransomware sets its scope on video gamers".BleepingComputer.
  4. ^abc"Gamers targeted by ransomware virus".BBC News. 13 March 2015. Retrieved14 March 2015.
  5. ^Sean Gallagher (Mar 12, 2015)."CryptoLocker look-alike searches for and encrypts PC game files".Ars Technica. Retrieved14 March 2015.
  6. ^"New CryptoLocker ransomware targets gamers".ZDNet. March 13, 2015. Retrieved14 March 2015.
  7. ^"TeslaCrypt Ransomware Encrypts Video Game Files".Security Week. March 13, 2015. Archived fromthe original on 14 March 2015. Retrieved14 March 2015.
  8. ^"Achievement Locked: New Crypto-Ransomware Pwns Video Gamers".Bromium Labs. March 12, 2015. Retrieved14 March 2015.
  9. ^"Decryption tool available for TeslaCrypt ransomware that targets games".PC World. 2015. Retrieved17 May 2015.
  10. ^Sinitsin, Fedor (14 July 2015)."TeslaCrypt 2.0 disguised as CryptoWall".securelist. AO Kaspersky Lab. Retrieved5 November 2015.
  11. ^Abrams, Lawrence."TeslaCrypt Decrypted: Flaw in TeslaCrypt allows Victim's to Recover their Files".BleepingComputer. 2015 Bleeping Computer LLC. Retrieved21 January 2016.
  12. ^Abrams, Lawrence."TeslaCrypt 3.0 Released with Modified Algorithm and .XXX, .TTT, and .MICRO File Extensions".BleepingComputer. 2015 Bleeping Computer LLC. Retrieved21 January 2016.
  13. ^"BehaviorReport Ransomware Teslacrypt".securelist. Joe Security. Retrieved29 Dec 2015.
  14. ^"TeslaCrypt shuts down and Releases Master Decryption Key".BleepingComputer. Retrieved2016-05-19.
  15. ^"Criminals give away universal unlock key for TeslaCrypt-ransomware".Guru3D.com. Guru3D.com. 19 May 2016. Retrieved2018-04-01.{{cite web}}: CS1 maint: others (link)
Hacking in the 2010s
Major incidents
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
Hacktivism
Groups
Individuals
Majorvulnerabilities
publiclydisclosed
Malware
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
Retrieved from "https://en.wikipedia.org/w/index.php?title=TeslaCrypt&oldid=1243665642"
Categories:
Hidden categories:
[8]ページ先頭
©2009-2025 Movatter.jp