TeslaCrypt, the latest-and-greatest ransomware branch off of the CryptoWall family, claims to the unwitting user that his/her documents are encrypted with "a unique public key generated for this computer". This couldn't be farther from the truth. In actuality, the developers of this malware appear to have been lazy and implemented encryption using symmetric AES256 with a decryption key generated on the user's machine.<p>If any of your machines are afflicted, Talos has developed a tool that can be used to generate the user's machine's symmetric key and decrypt all of the ransomed files. (From citpyrc - Slashdot)
Luckily at least some malware authors suck at cryptography, too. Generate a random symmetric key, encrypt all files with this key, encrypt the symmetric key with an asymmetric public key included in the malware. Game over. At least until someone manages to obtain the private key.
Post analyzing a recent sample of TeslaCrypt here: <a href="http://www.malwarefor.me/2015-04-27-angler-ek-pushes-teslacrypt-0-3-6-ransomware/" rel="nofollow">http://www.malwarefor.me/2015-04-27-angler-ek-pushes-teslacr...</a>