Teslacrypt is unlike virus programs that usually infiltrate your computer and damage your files and directories. This virus is categorised as ransomware. It is a virus program as it is malicious and damages people’s files by encrypting them. The program encrypts files in the user’s system with AES encryption. With files encrypted and not accessible to the user, the program then demands for payment. The payment is to be made in return for a private key that will help the user to decrypt his or her files.
A distinct ransomware program
This category of virus programs are not uncommon as many exist that encrypt application databases, documents, images and videos as well as video games. TeslaCrypt however differs from the other ransomware programs as it targets several video games and other documents too in a user’s system. If you play games like StarCraft, Minecraft, Dragon Age, World of Tanks and others like RPG Maker or Steam, these are applications which are targeted by TeslaCrypt.
This ransomware asks for payment via BitCoin or PayPal My Cash cards. The latter can be purchased at several US stores which come pre loaded with money. The money can be transferred to a PayPal account with the Pin code of the card. If you choose to pay by BitCoins the amount charged would be $500 which is half the cost if you use PayPal cards.
Damages the program does
The TeslaCrypt virus will change the background of your desktop. It will create a text file which will act as a help guide to decrypt your files. This file will be shown on your desktop. The lock screen will demand that payment be made in three days. The lock screen has decryption keys as well as option for the users to check the payment status. The file also provides a link to a TOR website where free test for file decryption can be carried out.
Not only has this virus program affected several systems but has been updated as well. The version 2.0 released in July 2015 opens up an HTML page. This page offers information as to what has happened to the user’s files. The program states that the files are protected by RSA-4096 encryption codes which changes the data and structure of the files. The file goes on to state that the encrypted files can be decrypted only by the secret program that Teslacrypt will provide. For that to be obtained, payment terms are mentioned for the users to follow. Files of different categories are affected like mp3, avi, rar, pdf, jpg, png, txt and others.
There are many companies that have come out with decrypt TeslaCrypt tools. You need to search for the latest and updated version so that your latest ransomware can be decrypted. However, there might not be a guarantee that the tool you choose will work. Hence, you need to go through different tools before you land on the right one to decrypt your files.