{"id":1409,"date":"2016-05-19T10:33:03","date_gmt":"2016-05-19T08:33:03","guid":{"rendered":"https:\/\/www.nullalo.com\/?p=1409"},"modified":"2025-10-22T10:15:48","modified_gmt":"2025-10-22T08:15:48","slug":"teslacrypt-to-restore-encrypted-files","status":"publish","type":"post","link":"https:\/\/www.nullalo.com\/en\/teslacrypt-how-to-restore-encrypted-files\/","title":{"rendered":"TeslaCrypt: how to restore encrypted files"},"content":{"rendered":"

<\/p>\n

For the uninitiated, a ransomware<\/strong> is a type of malware (malicious software – a computer virus) that requires a ransom\u00a0to be paid to remove the limitation of access to the infected system. The most common forms of ransomware encrypt user files, asking to pay, often amounts\u00a0in the order of a thousand dollars, to restore those files.<\/p>\n

Infected files encryption is usually based on the principle of RSA encryption with public\/private keypair<\/strong>: the public key is released to the victim, with the promise of getting the private one, needed\u00a0to restore files, from the maker of the ransomware\u00a0(which is the only one to know it).<\/p>\n

The used encoding’s high number of bits (eg. 1024) makes it often impossible to self-recover the private key<\/strong> using distributed systems, where a series of computers attempt\u00a0to identify this key starting from the public and an infected file used as sample.<\/p>\n

Moreover, the payment is made via bitcoins<\/strong> and is therefore not traceable (because a peer-to-peer transaction with the beneficiary without intermediaries happens), so there is no guarantee of the fact that, in return for payment, the maker\u00a0the ransomware will honor the\u00a0promise to allow you to recover your files.<\/p>\n

Some preventive recommendations<\/strong> to avoid entering into such a situation are:<\/p>\n