TeslaCrypt Ransomware (Version 2.0.0) Is Affecting Indian Computers

A new piece of malware is creating havoc in India by taking control of critical computer systems until a ransom is paid. Called 'TeslaCrypt Ransomware', the malware has been upgraded to version 2.0.0 by its creators, and it adds a new encryption scheme and features, specifically to mimic CryptoWall. TeslaCrypt grabbed headlines earlier this year by affecting the computers of gamers until they paid money to rescue their machines. Two Indian businessmen from Agra were targeted in the last 6 months and were asked to pay about $10,000 to get their machines back.

The hackers would threaten to destroy all the data on the infected machine if the user did not pay. The amount would double after the deadline or on any delay in payment. Sandeep Gupta, an Indian businessman from Agra, had to seek help from the cyber cell after the virus demanded a ransom. The cyber cell helped Mr. Gupta regain access to his website.

The malware was first identified by Altaf Halde, MD (South Asia) of Kaspersky Labs, a digital security agency. Halde explained that ransomware is a modern mechanism of online extortion, and anyone can be a victim of it. The attack is typically delivered in a legitimate-looking email with an attachment. This attachment is an executable, and as soon as it is opened, the malware installs itself on the target computer.

The way TeslaCrypt operates is interesting. The latest version no longer uses a GUI to tell users that their files are being encrypted. Instead, the malware opens a web page in the user's browser and displays a warning message. The message is 'friendly' in tone and informs the user that their files have been 'safely encrypted'. Users are told to open the File Decryption Site and then follow the instructions to decrypt all the files.

[Image: TeslaCrypt-Ransomware-India]

The Register reports that the malware has been able to generate about $76,500 in just 10 weeks. TeslaCrypt asks for anywhere between $150 and $10,000, payable in Bitcoin. It uses the Tor anonymity network for all communication, which makes it difficult to track.

The proven way to stay safe from TeslaCrypt and any other malware has been the same for years: do not open attachments from unknown sources. Keep your anti-malware software up to date, do not use borrowed pen drives on your system, and do not download anything from untrusted websites.

Read more about the threat at the source below.

Source: Threat Spotlight: TeslaCrypt - Decrypt It Yourself - Cisco Blogs
