this post was submitted on 28 Jan 2026
211 points (99.1% liked)

Programmer Humor

29000 readers
653 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 2 years ago
MODERATORS
Feyter@programming.dev
anzo@programming.dev
BurningTurtle@programming.dev
pylapp@programming.dev
211
Vibe-Coded 'Sicarii' Ransomware Can't Be Decrypted (www.darkreading.com)
submitted 2 days ago by whaleross@lemmy.world to c/programmer_humor@programming.dev
17 comments fedilink hide all child comments
 

Regarding Sicarii's broken decryption process, researchers said that "during execution, the malware regenerates a new RSA key pair locally, uses the newly generated key material for encryption, and then discards the private key."

you are viewing a single comment's thread
view the rest of the comments
[–] Cevilia@lemmy.blahaj.zone 55 points 2 days ago (1 children)

Even if the malware author did correct the issue, it's unknown whether those already compromised can benefit, or if they're out of luck.

They literally said the private key was discarded. It's absolutely known whether those already compromised can benefit. They can't.

[–] Natanael@infosec.pub 9 points 1 day ago (1 children)

Well, unless they also made key generation shitty, because that's equally plausible and would likely allow RSA keys to be broken (it's surprisingly hard to generate RSA keys safely)

[–] Cevilia@lemmy.blahaj.zone 4 points 1 day ago

I know just enough to know that I absolutely shouldn't try to roll my own encryption, and that's enough knowledge for me