Hackers are now patching ransomware, making it impossible to crack

Published Mar 17th, 2016 5:30PM EDT


Now that we live in the connected future, software is never broken for long. If you buy a program, an app or a video game that doesn’t work as intended, the developers can send out a patch within a matter of days or even hours.

But there’s a downside to software patches being relatively easy to roll out. It means that hackers can fix the malware they distribute after security experts find workarounds, which is exactly what happened in the case of TeslaCrypt.


If you’ve never heard of TeslaCrypt, the Cisco Talos Security Intelligence and Research Group describes it as one of the most common variants of ransomware on the Internet. Once it finds its way onto your computer, it attempts to “encrypt users’ files and then presents a message demanding the user to pay a ransom.”

As Cisco explains, the security community managed to disrupt its distribution mechanisms and develop improved detection methods, but the hackers saw this as a roadblock to overcome, and now TeslaCrypt 3 has made its way out into the wild.

Here’s why the new version of the ransomware is so dangerous: “The former variant had a weakness in its way to store the encryption key, which enabled researchers to provide a tool for decryption of the files encrypted by TeslaCrypt,” Cisco’s Andrea Allievi and Holger Unterbrink write on the Talos blog. “Unfortunately, so far we are not aware of any tool which can do the same for this variant of TeslaCrypt.”

In other words, if you get hit by TeslaCrypt 3.0.1 (the latest version of the ransomware at the time of writing), you either have to pay the ransom or restore your computer from a backup.

“We can not say it loud and often enough, ransomware has become the black plague of the internet, spread by highly sophisticated Exploit Kits and countless spam campaigns,” Cisco concludes. “The adversaries are modifying and improving it in every version. Anyone can become a victim if you are hit by a new version, as yet undetected by your AV software. Don’t rely on decryption tools, make sure you have BACKUPS and that they are up to date.”

Jacob Siegal