MultiDrive – free backup, clone & wipe disk utility from Atola Technology

Main » Forums home » Conventional hard drives

All times are UTC - 5 hours [ DST ]



Post new topic Reply to topic  Page 1 of 1
  [ 5 posts ] 
  Previous topic | Next topic 
Author Message
emkanapot
 Post subject: RSA4096 encryption
PostPosted: April 17th, 2016, 23:06 
Offline

Joined: September 10th, 2013, 20:13
Posts: 96
Location: Thailand
hi,

laptop with magnetic hard drive is encrypted by hacker on internet. all data cannot be opened. it's useless. and there is message from hacker:
Attachment:
{RecOveR}-vghno__.Png
{RecOveR}-vghno__.Png [ 79.89 KiB | Viewed 5683 times ]


is there any means to decrypt and get access to all data again?

thanks.
Top
 Profile  
 
HaQue
 Post subject: Re: RSA4096 encryption
PostPosted: April 17th, 2016, 23:53 
Offline
User avatar

Joined: December 4th, 2012, 1:35
Posts: 3903
Location: Adelaide, Australia
you are looking at TeslaCrypt 4.0. It is a hard road to recovery for this crap. You will have to start googling and becoming familiar with these threats and before you take on the recovery, know it is a LOT of TIME CONSUMING work on your part. Likely it makes no business sense to try and do these cases unless you have a proven tool for decryption. I haven't researched it, though these suites may help in at least understanding what you are dealing with.

http://nabzsoftware.com/types-of-threats/teslacrypt-4-0

https://github.com/Googulator/TeslaCrack

be extremely careful when researching as some malware scumbags pose as decryption information and you get further hit with it while looking for fixes.
Top
 Profile  
 
colanco
 Post subject: Re: RSA4096 encryption
PostPosted: May 18th, 2016, 21:07 
Offline

Joined: December 6th, 2012, 8:49
Posts: 291
Location: espaƱa
All TeslaCrypt versions (including 3.0 and 4.0 ) can be decrypted


PM Sent
Top
 Profile  
 
fzabkar
 Post subject: Re: RSA4096 encryption
PostPosted: May 19th, 2016, 4:12 
Offline
User avatar

Joined: September 8th, 2009, 18:21
Posts: 16960
Location: Australia
TeslaCrypt shuts down and Releases Master Decryption Key:
http://www.bleepingcomputer.com/news/se ... ption-key/

Quote:
In surprising end to TeslaCrypt, the developers shut down their ransomware and released the master decryption key.
...
Now that the decryption key has been made publicly available, this allowed TeslaCrypt expert BloodDolly to update TeslaDecoder to version 1.0 so that it can decrypt version 3.0 and version 4.0 of TeslaCrypt encrypted files. This means that anyone who has TeslasCrypt encrypted files with the .xxx, .ttt, .micro, .mp3, or encrypted files without an extension can now decrypt their files for free!


http://download.bleepingcomputer.com/Bl ... ecoder.zip

Usage instructions are provided at the bleepingcomputer.com page.

_________________
A backup a day keeps DR away.
Top
 Profile  
 
HaQue
 Post subject: Re: RSA4096 encryption
PostPosted: May 19th, 2016, 4:50 
Offline
User avatar

Joined: December 4th, 2012, 1:35
Posts: 3903
Location: Adelaide, Australia
Someone must have put a gun to their head I reckon.. this sounds quite unusual. hopefully it is reported correctly and this is true. I am dealing with a few different ransomware infections now. not a fun way to spend days. asshats.
Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 5 posts ] 

Main » Forums home » Conventional hard drives

All times are UTC - 5 hours [ DST ]

Who is online

Users browsing this forum: No registered users and 81 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Switch to mobile style
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group