Kyber ransomware gang toys with post-quantum encryption on Windows
Summary
A new ransomware gang, dubbed Kyber, is actively targeting Windows and VMware ESXi systems. Notably, one variant of this ransomware has incorporated Kyber1024, a post-quantum cryptography algorithm, into its encryption process.
IFF Assessment
FOE
The use of post-quantum encryption by ransomware indicates a sophisticated and forward-thinking threat actor, posing a significant challenge to current decryption capabilities.
Defender Context
This development highlights the emerging threat of ransomware employing post-quantum cryptography, which could render existing decryption tools obsolete in the future. Defenders should monitor for indicators of compromise related to this new ransomware family and be prepared for advanced encryption techniques.