RSA4096 encryption

Data recovery and HDD repair discussions

Data recovery and disk repair questions and discussions related to old-fashioned SATA, SAS, SCSI, IDE, MFM hard drives - any type of storage device that has moving parts
Post a reply
emkanapot
  • emkanapot
  • Posts: 96
  • Joined: September 10th, 2013, 20:13
  • Location: Thailand

RSA4096 encryption

April 17th, 2016, 23:06

hi,

laptop with magnetic hard drive is encrypted by hacker on internet. all data cannot be opened. it's useless. and there is message from hacker:
{RecOveR}-vghno__.Png


is there any means to decrypt and get access to all data again?

thanks.
HaQue
  • HaQue
  • Posts: 3903
  • Joined: December 4th, 2012, 1:35
  • Location: Adelaide, Australia

Re: RSA4096 encryption

April 17th, 2016, 23:53

you are looking at TeslaCrypt 4.0. It is a hard road to recovery for this crap. You will have to start googling and becoming familiar with these threats and before you take on the recovery, know it is a LOT of TIME CONSUMING work on your part. Likely it makes no business sense to try and do these cases unless you have a proven tool for decryption. I haven't researched it, though these suites may help in at least understanding what you are dealing with.

http://nabzsoftware.com/types-of-threats/teslacrypt-4-0

https://github.com/Googulator/TeslaCrack

be extremely careful when researching as some malware scumbags pose as decryption information and you get further hit with it while looking for fixes.
colanco
  • colanco
  • Posts: 291
  • Joined: December 6th, 2012, 8:49
  • Location: españa

Re: RSA4096 encryption

May 18th, 2016, 21:07

All TeslaCrypt versions (including 3.0 and 4.0 ) can be decrypted


PM Sent
fzabkar
  • fzabkar
  • Posts: 16960
  • Joined: September 8th, 2009, 18:21
  • Location: Australia
  • Website

Re: RSA4096 encryption

May 19th, 2016, 4:12

TeslaCrypt shuts down and Releases Master Decryption Key:
http://www.bleepingcomputer.com/news/se ... ption-key/

In surprising end to TeslaCrypt, the developers shut down their ransomware and released the master decryption key.
...
Now that the decryption key has been made publicly available, this allowed TeslaCrypt expert BloodDolly to update TeslaDecoder to version 1.0 so that it can decrypt version 3.0 and version 4.0 of TeslaCrypt encrypted files. This means that anyone who has TeslasCrypt encrypted files with the .xxx, .ttt, .micro, .mp3, or encrypted files without an extension can now decrypt their files for free!


http://download.bleepingcomputer.com/Bl ... ecoder.zip

Usage instructions are provided at the bleepingcomputer.com page.
HaQue
  • HaQue
  • Posts: 3903
  • Joined: December 4th, 2012, 1:35
  • Location: Adelaide, Australia

Re: RSA4096 encryption

May 19th, 2016, 4:50

Someone must have put a gun to their head I reckon.. this sounds quite unusual. hopefully it is reported correctly and this is true. I am dealing with a few different ransomware infections now. not a fun way to spend days. asshats.
Post a reply
Switch to full style

Powered by phpBB © phpBB Group.

Board index