CrazyEngineers
  • TeslaCrypt Ransomware (Version 2.0.0) Is Affecting Indian Computers

    Kaustubh Katdare

    @thebigk
    Updated: Oct 26, 2024
    A new piece of malware is creating havoc in India by taking control of critical computer systems until a ransom is paid. Called 'TeslaCrypt Ransomware', the malware has been upgraded to version 2.0.0 by its creators, and it adds a new encryption scheme and features, specifically to mimic CryptoWall. TeslaCrypt grabbed headlines earlier this year by locking the computers of gamers until they paid money to rescue their machines. Two Indian businessmen from Agra were targeted in the last 6 months and were asked to pay about $10,000 to get their machines back.

    The hackers would threaten to destroy all the data on the infected machine if the user did not pay. The amount would double after the deadline or a delay in payment. Sandeep Gupta, an Indian businessman from Agra, had to seek help from the cyber cell after the virus demanded a ransom. The cyber cell helped Mr. Gupta regain access to his website.

    The malware was first identified by Altaf Halde, MD (South Asia) of Kaspersky Labs, a digital security agency. Halde explained that ransomware is a modern mechanism of online extortion and that anyone can be a victim of it. The attack is typically delivered through a legitimate-looking email with an attachment. This attachment is an executable, and as soon as it is opened, the malware installs itself on the target computer.

    The functioning of the TeslaCrypt malware is interesting. The latest version no longer uses a GUI to tell users that their files are being encrypted. Instead, the malware opens a web page in the user's browser and displays a warning message. The message appears 'friendly' in nature and informs the user that their files have been 'safely encrypted'. Users are told to open the File Decryption Site and then follow the instructions to decrypt all the files. Look at it:

    [Image: TeslaCrypt-Ransomware-India]

    The Register reports that the malware has been able to generate about $76,500 in just 10 weeks. TeslaCrypt asks for anywhere between $150 and $10,000, payable in Bitcoin. It uses the Tor anonymity network for all communication, which makes it difficult to track.

    The proven way to stay safe from TeslaCrypt and any other malware has been the same for years: do not open attachments from unknown sources. Keep your anti-malware software up to date, do not use borrowed pen-drives on your system, and do not download anything from untrusted websites.

    Read more about the threat at the source links below.

    Source: Threat Spotlight: TeslaCrypt - Decrypt It Yourself - Cisco Blogs (https://blogs.cisco.com/security/talos/teslacrypt)