A new variant of the TeslaCrypt ransomware was released a bit over a week ago that still refers to itself as version 2.2.0, but contains some minor changes compared to the previous release.  The most noticeable change are the differences in the ransom notes.  The ransom notes now include instructions to use translate.google.com if English is not the victim's native language. Some of the wording has also been changed, but the general gist is the same. The text version of the new ransom note can be seen below.

The other change is the use of 0s (Zeros) for the first four bytes of the encrypted files. In the past the the first four bytes of the VVV encrypted files contained the DEADBEEF hexadecimal numbers. Now the first four bytes of the encrypted files have been changed to 00000000.  You can see the first four bytes zeroed out in the image below.

If anything else is discovered, we will be sure to let you know as soon as possible.

Related Articles:

The Week in Ransomware - September 21st 2018 - Beer, Airports, & Dharma

Gamma, Bkp, & Monro Dharma Ransomware Variants Released in One Week

Romanian Woman Admits Involvement in Hacking Attack On Washington Police Computers

Xbash Malware Deletes Databases on Linux, Mines for Coins on Windows

New Brrr Dharma Ransomware Variant Released