Vibe-Coded 'Sicarii' Ransomware Can't Be Decrypted
4mon 19d ago by lemmy.world/u/whaleross in programmer_humor@programming.dev from www.darkreading.com
Regarding Sicarii's broken decryption process, researchers said that "during execution, the malware regenerates a new RSA key pair locally, uses the newly generated key material for encryption, and then discards the private key."
Ransomware that can't be decrypted is just destructive malware like any other.
I bet other ransomware creators hate this. If victims can’t even get their data back by paying, more victims will stop paying across the board.
LMAO
Well, unless they also made key generation shitty, because that's equally plausible and would likely allow RSA keys to be broken (it's surprisingly hard to generate RSA keys safely)
vibe coded and ranswomare in the same sentence was not on my 2026 bingo card
we need a way bigger bingo card
rofl of course...
Like a virus that kills the host, it won't spread as well and should die out faster than other types of maleware.
Hebrew-based content appears machine-translated
Did they vibe code their false identity as well?
So they basically created a hashing function?
A hash is at least consistent when given identical inputs. What they created is more like a digital incinerator.
-u would give you the space back.
The ransomware doesn't. There is a block of data, sitting there, taunting you.
ehehehehe thanks for that mental image
Of course, one can always reclaim that space if the data truly is inaccessible. Makes me want to write a joke program for "cleaning up" after ransomware that just removes the data from the partition table (or whatever the equivalent for files is - would that just be rm?)
Brilliant lol.
"ransomware can't be decrypted" implies the ransomware itself can't be decrypted, ugh