Malwarebytes releases Telecrypt ransomware Decrypter - gHacks Tech News

Malwarebytes releases Telecrypt ransomware Decrypter

Malwarebytes Telecrypt Decryptor is a free program for devices running Microsoft Windows to decrypt files that are encrypted by the ransomware Telecrypt.

Telecrypt is a rather troubling piece of ransomware that is distributed through various means including emails, exploits, and drive by downloads.

What makes Telecrypt special is that it uses the API of the popular messaging service TeleGram for communication, and not a control server or servers on the Internet.

TeleGram communication is encrypted and the team behind the service has released an open API and protocol for anyone to use.

TeleCrypt will encrypt files on the system, and launches a program which informs users about the encryption. The ransomware looks for more than hundred different file types including jpg, xlsx, docx, mp3, 7z, torrent or ppt.

Malwarebytes Telecrypt Decryptor

malwarebytes telecrypt decryptor

The decrypter has been developed by Malwarebytes. It requires that you have access to a good copy of one of the encrypted files. The file type does not matter at all.

Your best chances are backups, online cloud storage used by sync software, or any other form of back up space that you may have access to. A suggestion that Malwarebytes has is to use sample photos that Windows ships with, as they are usually easy to get hold of. You may also re-download email attachments if email is kept on a mail server.

You need to load the encrypted file, and the good copy, on the screen that opens. Once you have done so, click the start button and follow the process.

Telecrypt Decryptor verifies the files that you have supplied. If the files match and are encrypted by the encryption scheme that Telecrypt uses, you are taken to the second page of the program interface.

Here you may either add the list of files that the ransomware has encrypted on the device, or may point the program to a single folder containing encrypted files.

You may copy any encrypted files to a single folder location, and pick the folder decrypt option to decrypt all files copied to the folder at once.

It is suggested that you work with backup files and not the original files to avoid any issues that may arise during the process.

You find additional instructions and screenshots on the Malwarebytes blog.

Now You: Have you ever been the victim of a ransomware attack?

Summary
Malwarebytes releases Telecrypt ransomware Decrypter
Article Name
Malwarebytes releases Telecrypt ransomware Decrypter
Description
Malwarebytes Telecrypt Decryptor is a free program for devices running Microsoft Windows to decrypt files that are encrypted by the ransomware Telecrypt.
Author
Publisher
Ghacks Technology News
Logo




  • We need your help

    Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

    We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.

    If you like our content, and would like to help, please consider making a contribution:

    Comments

    1. Paranam Kid said on November 24, 2016 at 5:20 am
      Reply

      With so much ransomware about, how does one know it is Telecrypt that got hold of your files? I assume it does not leave a signature behind.

    2. X said on November 24, 2016 at 6:59 pm
      Reply

      Indeed it does.
      According to Malwarebytes: “Infections with this ransomware can be recognized by the note left on the Desktop named: База зашифр файлов.txt. It contains the list of all the encrypted files.”

      1. Paranam Kid said on November 24, 2016 at 7:13 pm
        Reply

        Right, but for a non-Russian reader that does not mean anything, or could mean anything, i.e.Telecrypt is not too useful for non-Russians.

    3. X said on November 24, 2016 at 7:38 pm
      Reply

      Well, you were complaining about a missing signature. Never mentioned you also had to speak white…

    Leave a Reply