cross-posted from: https://lemmy.world/post/42319193

Regarding Sicarii’s broken decryption process, researchers said that “during execution, the malware regenerates a new RSA key pair locally, uses the newly generated key material for encryption, and then discards the private key.”