this post was submitted on 28 Jan 2026
266 points (99.6% liked)

Programmer Humor

29530 readers
624 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 2 years ago
MODERATORS
anzo@programming.dev
Feyter@programming.dev
BurningTurtle@programming.dev
pylapp@programming.dev
266
Vibe-Coded 'Sicarii' Ransomware Can't Be Decrypted (www.darkreading.com)
submitted 1 week ago by whaleross@lemmy.world to c/programmer_humor@programming.dev
17 comments fedilink hide all child comments
 

Regarding Sicarii's broken decryption process, researchers said that "during execution, the malware regenerates a new RSA key pair locally, uses the newly generated key material for encryption, and then discards the private key."

top 17 comments
sorted by: hot top controversial new old
[–] ElBarto@piefed.social 147 points 1 week ago (1 children)

Ransomware that can't be decrypted is just destructive malware like any other.

[–] SmoothLiquidation@lemmy.world 93 points 1 week ago

I bet other ransomware creators hate this. If victims can’t even get their data back by paying, more victims will stop paying across the board.

[–] 30p87@feddit.org 110 points 1 week ago

LMAO

[–] Cevilia@lemmy.blahaj.zone 79 points 1 week ago (1 children)

Even if the malware author did correct the issue, it's unknown whether those already compromised can benefit, or if they're out of luck.

They literally said the private key was discarded. It's absolutely known whether those already compromised can benefit. They can't.

[–] Natanael@infosec.pub 14 points 1 week ago (1 children)

Well, unless they also made key generation shitty, because that's equally plausible and would likely allow RSA keys to be broken (it's surprisingly hard to generate RSA keys safely)

[–] Cevilia@lemmy.blahaj.zone 5 points 1 week ago

I know just enough to know that I absolutely shouldn't try to roll my own encryption, and that's enough knowledge for me

[–] MotoAsh@piefed.social 40 points 1 week ago

rofl of course...

[–] DrunkAnRoot@sh.itjust.works 39 points 1 week ago (1 children)

vibe coded and ranswomare in the same sentence was not on my 2026 bingo card

[–] gustofwind@lemmy.world 14 points 1 week ago

we need a way bigger bingo card

[–] DarkCloud@lemmy.world 39 points 1 week ago

Like a virus that kills the host, it won't spread as well and should die out faster than other types of maleware.

[–] anton@lemmy.blahaj.zone 35 points 1 week ago

Hebrew-based content appears machine-translated

Did they vibe code their false identity as well?

[–] OnfireNFS@lemmy.world 14 points 1 week ago (1 children)

So they basically created a hashing function?

[–] pivot_root@lemmy.world 58 points 1 week ago (1 children)

A hash is at least consistent when given identical inputs. What they created is more like a digital incinerator.

[–] Jayjader@jlai.lu 8 points 1 week ago (1 children)
[–] anton@lemmy.blahaj.zone 7 points 1 week ago (1 children)

-u would give you the space back.
The ransomware doesn't. There is a block of data, sitting there, taunting you.

[–] Jayjader@jlai.lu 3 points 1 week ago

ehehehehe thanks for that mental image

Of course, one can always reclaim that space if the data truly is inaccessible. Makes me want to write a joke program for "cleaning up" after ransomware that just removes the data from the partition table (or whatever the equivalent for files is - would that just be rm?)

[–] NotMyOldRedditName@lemmy.world 9 points 1 week ago

Brilliant lol.