Eset on Wednesday announced that it has fashioned a free tool that victims of all variants of the TeslaCrypt ransomware can use to unlock affected files.
After the criminal gang behind TeslaCrypt recently abandoned support of the malicious software, an Eset analyst contacted the group anonymously, using the channel TeslaCrypt’s operators offered to ransomware victims, and asked for the universal master decryption key, the company said.
To Eset’s surprise, the operators made it public.
Why So Generous?
Why the TeslaCrypt posse decided to share the master decryption key to software that’s made millions of dollars is unknown.
“While it is possible that they felt bad for the damage done, another possible reason is that they wanted to start fresh with a new codebase,” said Lysa Myers, a security researcher with Eset.
After being in the ransomware racket for a while, the crew may have discovered that maintaining good software of any kind can be challenging. “Sometimes updates to an existing product can make things more error-prone, which makes it harder to make money,” she told TechNewsWorld.
“Ending an old project can allow for a clean slate from which to start again,” Myers added.
While the TeslaCrypt operators’ move is surprising, it’s unlikely they’re getting out of the ransomware business, said Rahul Kashyap, chief security architect with Bromium.
“They may want to change their payment scheme or try out a different business model,” he told TechNewsWorld. “It’s unlikely that they’re deserting the ransomware business.”