this post was submitted on 28 Jan 2026
210 points (99.1% liked)

Programmer Humor

28941 readers
1167 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 2 years ago
MODERATORS
Feyter@programming.dev
anzo@programming.dev
BurningTurtle@programming.dev
pylapp@programming.dev
210
Vibe-Coded 'Sicarii' Ransomware Can't Be Decrypted (www.darkreading.com)
submitted 2 days ago by whaleross@lemmy.world to c/programmer_humor@programming.dev
17 comments fedilink hide all child comments
 

Regarding Sicarii's broken decryption process, researchers said that "during execution, the malware regenerates a new RSA key pair locally, uses the newly generated key material for encryption, and then discards the private key."

top 17 comments
sorted by: hot top controversial new old
[–] DrunkAnRoot@sh.itjust.works 28 points 1 day ago (1 children)

vibe coded and ranswomare in the same sentence was not on my 2026 bingo card

[–] gustofwind@lemmy.world 8 points 1 day ago

we need a way bigger bingo card

[–] NotMyOldRedditName@lemmy.world 6 points 1 day ago

Brilliant lol.

[–] Cevilia@lemmy.blahaj.zone 54 points 2 days ago (1 children)

Even if the malware author did correct the issue, it's unknown whether those already compromised can benefit, or if they're out of luck.

They literally said the private key was discarded. It's absolutely known whether those already compromised can benefit. They can't.

[–] Natanael@infosec.pub 9 points 1 day ago (1 children)

Well, unless they also made key generation shitty, because that's equally plausible and would likely allow RSA keys to be broken (it's surprisingly hard to generate RSA keys safely)

[–] Cevilia@lemmy.blahaj.zone 4 points 1 day ago

I know just enough to know that I absolutely shouldn't try to roll my own encryption, and that's enough knowledge for me

[–] ElBarto@piefed.social 114 points 2 days ago (1 children)

Ransomware that can't be decrypted is just destructive malware like any other.

[–] SmoothLiquidation@lemmy.world 72 points 2 days ago

I bet other ransomware creators hate this. If victims can’t even get their data back by paying, more victims will stop paying across the board.

[–] 30p87@feddit.org 91 points 2 days ago

LMAO

[–] DarkCloud@lemmy.world 32 points 2 days ago

Like a virus that kills the host, it won't spread as well and should die out faster than other types of maleware.

[–] anton@lemmy.blahaj.zone 24 points 2 days ago

Hebrew-based content appears machine-translated

Did they vibe code their false identity as well?

[–] MotoAsh@piefed.social 26 points 2 days ago

rofl of course...

[–] OnfireNFS@lemmy.world 9 points 2 days ago (1 children)

So they basically created a hashing function?

[–] pivot_root@lemmy.world 43 points 2 days ago (1 children)

A hash is at least consistent when given identical inputs. What they created is more like a digital incinerator.

[–] Jayjader@jlai.lu 6 points 1 day ago (1 children)
[–] anton@lemmy.blahaj.zone 4 points 1 day ago (1 children)

-u would give you the space back.
The ransomware doesn't. There is a block of data, sitting there, taunting you.

[–] Jayjader@jlai.lu 2 points 1 day ago

ehehehehe thanks for that mental image

Of course, one can always reclaim that space if the data truly is inaccessible. Makes me want to write a joke program for "cleaning up" after ransomware that just removes the data from the partition table (or whatever the equivalent for files is - would that just be rm?)