TeslaCrypt, a ransomware family that emerged roughly a year ago, includes a design flaw that has already allowed security researchers build a free file decryption tool.
The issue affects TeslaCrypt and TeslaCrypt 2.0 variants of the malware and resides in the encryption key storage algorithm, Lawrence Abrams explains in a blog post. The issue has been fixed in TeslaCrypt 3.0, but files encrypted with the older versions of the ransomware can be decrypted without paying cybercriminals to do so.
Spotted in late February 2015, the ransomware was found to encrypt not only photos, videos, and documents, but files associated with video games as well. In July, TeslaCrypt 2.0 emerged with an improved encryption mechanism, and researchers discovered in December that the malware was being delivered through a newly patched Adobe Flash Player vulnerability. Researchers note that their decryption tool can be used to generate the necessary keys for recovering encrypted TeslaCrypt files with extensions .ECC, .EZZ, .EXX, .XYZ, .ZZZ, .AAA, .ABC, .CCC, and .VVV. However, files encrypted with the newer versions of TeslaCrypt, which use the .TTT, .XXX, and .MICRO extensions, cannot be decrypted.
The issue with TeslaCrypt is not in the encryption algorithm itself, but how the encryption keys were being stored on the victim's computer, Abrams explains. TeslaCrypt encrypts files with the AES encryption algorithm and uses the same key for both encryption and decryption. Researchers discovered that TeslaCrypt generated a new AES key each time it was restarted, and that it stored the key in the files encrypted during the session. The keys were stored in every encrypted file, but were secured using another algorithm, and the information about this encrypted key was stored in each encrypted file.
However, the size of this stored key was found to be insufficiently strong to withstand decryption. Using specialized programs that can factorize these large numbers, their prime numbers were extracted, and other specialized tools were used to reconstruct the decryption key using these prime numbers.
Methods and tools to decrypt files encrypted using the TeslaCrypt appeared a while ago, but they were kept private, to ensure that the malware developers are not alerted on them. However, since TeslaCrypt 3.0 resolves the aforementioned issue, projects such as TeslaCrack (https://github.com/Googulator/TeslaCrack) have stated to emerge, along with volunteers willing to help victims of the malware.
Written in Python, TeslaCrack requires the use of encrypted files that had a known file header (PDF, JPG, etc) and needs to be modified when not using an encrypted PDF file. Moreover, users would have to use the tool to attack multiple keys to decrypt all files, provided that TeslaCrypt was restarted when encrypting the hard disk content.
TeslaDecoder, a tool that has been used for decrypting TeslaCrypt files since May 2015, has been also updated to recover the encryption key for all TeslaCrypt variants. This tool tackles the master private key that TeslaCrypt used on the victim's computer, thus allowing users to decrypt all files, regardless of whether the ransomware was restarted or not.
The tool was designed to run on Windows and do not require specific encrypted file types, making it suitable for general use. It can also be used in combination with specialized factorization tools such as Msieve and Yafu to help victims recover their files for free. Victims can use either TeslaDecoder or TeslaCracker to decrypt their files, but can also head over to the TeslaCrypt (.VVV, .CCC, etc Files) Decryption Support Requests topic to ask for help in retrieving the encryption keys.