Ransomware has come a long way since the days of simple screen lockers. Modern ransomware-as-a-service operations are sleek, professional, and terrifyingly effective. Many of them have business models, customer service departments, and even PR teams.
But not Sicarii.
This new RaaS outfit has managed to do something almost impressive in its incompetence: build ransomware that can’t decrypt files even when victims pay up. Not because the attackers are being dishonest (though that’s always a risk), but because the code is fundamentally broken.
The Flaw That Makes Recovery Impossible
Sicarii’s problem comes down to a basic key-management mistake. When the ransomware runs, it generates a fresh RSA key pair for that execution. So far, so normal: ransomware routinely wraps its per-file symmetric keys under a public key so that only the matching private key can unwrap them. But Sicarii then immediately discards the private key, neither storing it nor encrypting it under a key the operators hold.
You know, the one piece of information that’s absolutely required to decrypt anything.
Researchers at Halcyon’s Ransomware Research Center found that this per-execution key generation isn’t tied to any recoverable master key, so the encrypted data is permanently inaccessible. The attackers themselves can’t fix it after the fact: the decryptors they hand out have no private key to work with.
If you pay the ransom, you’re just throwing money at a problem that has no solution.
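To make concrete what “a fresh RSA pair per execution, private key discarded, not tied to a master key” means, here is a toy model of the key hierarchy. It is an added illustration, not code from Sicarii or from Halcyon’s analysis. It uses textbook RSA with tiny parameters and an HMAC-SHA256 keystream as stand-ins for the real primitives (the page does not describe them), and names such as sicarii_style_run and escrowed_run are the editor’s. The escrowed variant shows what “tied to a recoverable master key” would look like: the per-run private exponent is wrapped under an operator public key, so only the holder of the operator private key can unwrap it.

```python
import hashlib
import hmac
import secrets

# Toy textbook RSA: no padding, tiny sizes, illustration only (assumed stand-in for
# whatever Sicarii really uses; the page does not say).
def is_probable_prime(n: int, rounds: int = 16) -> bool:
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):                        # Miller-Rabin
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def gen_prime(bits: int) -> int:
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand

def rsa_keygen(bits: int = 512):
    """Returns ((n, e), (n, d))."""
    e = 65537
    while True:
        p, q = gen_prime(bits // 2), gen_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            return (p * q, e), (p * q, pow(e, -1, phi))

def rsa_encrypt_int(pub, m: int) -> int:
    n, e = pub
    assert 0 <= m < n
    return pow(m, e, n)

def rsa_decrypt_int(priv, c: int) -> int:
    n, d = priv
    return pow(c, d, n)

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 in counter mode as a toy stream cipher (encrypt == decrypt)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        ks = hmac.new(key, (off // 32).to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[off:off + 32], ks))
    return bytes(out)

def encrypt_file(pub, plaintext: bytes):
    file_key = secrets.token_bytes(32)             # fresh symmetric key per file
    wrapped = rsa_encrypt_int(pub, int.from_bytes(file_key, "big"))
    return wrapped, keystream_xor(file_key, plaintext)

def decrypt_file(priv, wrapped: int, ciphertext: bytes) -> bytes:
    m = rsa_decrypt_int(priv, wrapped)
    # The right key is < 2^256; a wrong private key just yields 32 bytes of junk.
    return keystream_xor((m % (1 << 256)).to_bytes(32, "big"), ciphertext)

def sicarii_style_run(files: dict):
    """Per-execution RSA pair; the private half is dropped and escrowed nowhere."""
    pub, priv = rsa_keygen()
    encrypted = {name: encrypt_file(pub, data) for name, data in files.items()}
    del priv                                       # the only thing that could unwrap the file keys
    return pub, encrypted                          # all that survives the run

def recover_without_key(encrypted: dict) -> dict:
    """All a keyless 'decryptor' can do: use some other private key, i.e. guess."""
    _, wrong_priv = rsa_keygen()
    return {name: decrypt_file(wrong_priv, w, ct) for name, (w, ct) in encrypted.items()}

def escrowed_run(files: dict, operator_pub):
    """Same per-execution pair, but d is wrapped under the operators' master public key."""
    pub, priv = rsa_keygen()
    encrypted = {name: encrypt_file(pub, data) for name, data in files.items()}
    n_run, d_run = priv
    return encrypted, (n_run, rsa_encrypt_int(operator_pub, d_run))

def recover_with_master(encrypted: dict, escrow, operator_priv) -> dict:
    n_run, wrapped_d = escrow
    run_priv = (n_run, rsa_decrypt_int(operator_priv, wrapped_d))
    return {name: decrypt_file(run_priv, w, ct) for name, (w, ct) in encrypted.items()}

if __name__ == "__main__":
    files = {"q3-report.docx": b"Q3 revenue: 4.2M\n" * 8, "db.bak": bytes(range(256))}  # constructed
    _, enc = sicarii_style_run(files)
    print("keyless decryptor recovers:", recover_without_key(enc) == files)              # False
    op_pub, op_priv = rsa_keygen(1024)             # master pair, held only by the operators
    enc2, escrow = escrowed_run(files, op_pub)
    print("escrowed design recovers:", recover_with_master(enc2, escrow, op_priv) == files)  # True
```

The point of the escrowed variant is not that ransomware should work, but that the difference between “permanently lost” and “recoverable by the operator” is one wrap operation. Sicarii omits it, so nothing the operators possess, including their own decryptor, can turn the wrapped file keys back into plaintext.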

AI-Assisted Coding Gone Wrong
How does something this broken even happen? The answer appears to be vibe coding. That’s the practice of using AI tools to generate code without really understanding what you’re building.
Security researchers assess with moderate confidence that the developers used AI-assisted tooling, and that this likely contributed to the implementation error. Instead of carefully hand-crafting the encryption routines (the one part of ransomware that absolutely has to work in both directions), these threat actors appear to have prompted an AI model and called it a day.
The result is malware that technically works in the sense that it encrypts files. It just fails at the one job that matters to its operators: reversing the process once payment arrives.
This isn’t the first time we’ve seen AI-generated malware make rookie mistakes. Researchers have documented instances where AI-generated ransomware includes filename typos like “readme.txtt” that no experienced threat actor would ever make. They’re moving fast, copying and pasting AI output, and skipping the validation step that would catch catastrophic errors.
A History of Self-Sabotaging Ransomware
Bad cryptography has been hamstringing ransomware operations for years.
Back in 2014, CryptoDefense left the private decryption key on infected PCs’ hard disks because it generated the key through the Windows CryptoAPI, which persisted a copy in the user’s key container on disk. Victims could recover their files without paying anything. Around the same time, TorrentLocker used the same keystream for every file on a computer, so XORing one encrypted file with a known plaintext copy of it recovered the keystream, which then decrypted every other file up to that length. Both flaws were fixed once the mistakes became public.
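The TorrentLocker recovery is simple enough to show end to end. The following is an added example, not code from any of the research cited above: it models the keystream-reuse mistake with a random keystream standing in for the malware’s, constructs a few victim files, and recovers everything the known plaintext reaches. The file names and contents are constructed for the demo.

```python
import os

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def flawed_encrypt(keystream: bytes, plaintext: bytes) -> bytes:
    """The TorrentLocker mistake: every file XORed with the same keystream from offset 0."""
    if len(plaintext) > len(keystream):
        raise ValueError("demo keystream shorter than file")
    return xor_bytes(plaintext, keystream)

def recover_keystream(ciphertext: bytes, known_plaintext: bytes) -> bytes:
    """C xor P = K, for as many bytes as the known plaintext covers."""
    n = min(len(ciphertext), len(known_plaintext))
    return xor_bytes(ciphertext[:n], known_plaintext[:n])

def recover_file(ciphertext: bytes, keystream_prefix: bytes):
    """Decrypt as far as the recovered keystream reaches; report the bytes still unknown."""
    n = min(len(ciphertext), len(keystream_prefix))
    return xor_bytes(ciphertext[:n], keystream_prefix[:n]), len(ciphertext) - n

# Constructed victim data. _KEYSTREAM stands in for the malware's single keystream and
# is never read by the recovery code below; the defender only sees ENCRYPTED and one
# pristine file (a template still sitting in an e-mail attachment, say).
_KEYSTREAM = os.urandom(1024)
FILES = {
    "template.docx": os.urandom(512),              # the file the victim still has in the clear
    "memo.txt": b"Board memo: " + b"x" * 188,      # 200 bytes, shorter than the known file
    "archive.bin": bytes(range(256)) * 3,          # 768 bytes, longer than the known file
}
ENCRYPTED = {name: flawed_encrypt(_KEYSTREAM, data) for name, data in FILES.items()}

def recover_all(known_name: str = "template.docx") -> dict:
    """Map every other file name to (recovered bytes, bytes_not_recoverable)."""
    ks = recover_keystream(ENCRYPTED[known_name], FILES[known_name])
    return {name: recover_file(ct, ks) for name, ct in ENCRYPTED.items() if name != known_name}

if __name__ == "__main__":
    for name, (rec, missing) in recover_all().items():
        print(f"{name}: recovered {len(rec)} bytes, {missing} still unknown")
```

The edge case worth noticing is the last line of output: a known plaintext only ever yields as much keystream as it is long, so the longest file you can fully recover is bounded by the largest pristine file you can find. That is why, in practice, a large known file (an installer, a VM image, a standard document template) is worth more than a hundred small ones.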
More recently, researchers found that Obscura ransomware fails to write the encrypted file key into the footer of files over 1GB, leaving those files permanently unrecoverable even with the correct decryptor. And just days ago, Nitrogen’s ESXi-targeting malware was found to overwrite part of its own public key during encryption, preventing successful decryption.
IBM Security X-Force also reverse-engineered Prometheus ransomware and found that its key generation was seeded from computer uptime, which leaves so little entropy that they could brute-force it and build a working decryptor.
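Uptime-seeded keys fail for a reason a defender can exploit directly: the seed space is tiny and a file’s own header tells you when a guess is right. The block below is an added example, not X-Force’s decryptor and not Prometheus’s real construction (the page only says the key depended on uptime); it assumes a PRNG seeded with millisecond uptime, uses file-format magic bytes as the brute-force oracle, and constructs the victim file and uptime value for the demo.

```python
import random

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def weak_keystream(uptime_ms: int, length: int) -> bytes:
    """Keystream that depends on nothing but the millisecond uptime at infection.
    Assumed construction for illustration: a PRNG seeded with the uptime value."""
    rng = random.Random(uptime_ms)
    return bytes(rng.getrandbits(8) for _ in range(length))

def weak_encrypt(uptime_ms: int, plaintext: bytes) -> bytes:
    return xor_bytes(plaintext, weak_keystream(uptime_ms, len(plaintext)))

def decrypt_with_seed(uptime_ms: int, ciphertext: bytes) -> bytes:
    return weak_encrypt(uptime_ms, ciphertext)     # XOR stream: same operation both ways

# Magic bytes give the brute force its oracle: a candidate seed is right when the
# first bytes decrypt to a header a real file would carry.
MAGICS = (b"%PDF-", b"PK\x03\x04", b"\x89PNG\r\n", b"\xd0\xcf\x11\xe0")

def header_plausible(head: bytes) -> bool:
    return any(head.startswith(m) for m in MAGICS)

def brute_force_uptime(ciphertext: bytes, max_uptime_ms: int):
    """Try every uptime up to the bound; only 8 bytes need decrypting per guess."""
    head = ciphertext[:8]
    for t in range(max_uptime_ms + 1):
        if header_plausible(xor_bytes(head, weak_keystream(t, 8))):
            return t
    return None                                    # seed outside the searched range

# Constructed victim: infected 45.678 s after boot. The defender knows only that the
# machine had been up for under two minutes, so the search bound is 120 000 ms.
SAMPLE_PDF = b"%PDF-1.7\n1 0 obj << /Type /Catalog >> endobj\n" + b"\x00" * 64
CIPHERTEXT = weak_encrypt(45678, SAMPLE_PDF)

def demo():
    """Returns (recovered seed, recovered plaintext) or (None, None)."""
    seed = brute_force_uptime(CIPHERTEXT, 120_000)
    if seed is None:
        return None, None
    return seed, decrypt_with_seed(seed, CIPHERTEXT)

if __name__ == "__main__":
    seed, plain = demo()
    print("seed:", seed, "header:", plain[:8] if plain else None)
```

Real uptimes run to days, so the honest search space is on the order of 10^9 seeds rather than 10^5, but that is still a few CPU-minutes in native code. The lesson is the one X-Force drew: a key whose only entropy is a timer is not a key, and the decryptor writes itself once you have an oracle.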
What sets Sicarii apart is how it got built. Those older mistakes came from developers who at least understood the basics but screwed up implementation. AI-generated code can produce ransomware from someone who doesn’t understand cryptography at all.

Why This Actually Matters
You might think a broken ransomware variant is good news. And in one sense, it is. Organizations hit by Sicarii aren’t losing their data to extortion, but rather to incompetence. For a victim without usable backups the outcome is the same (permanent data loss), but at least they’re not funding further criminal operations.
But there’s a darker side to this story.
AI tools are lowering the barrier to entry for cybercrime. People with limited technical skills can now spin up ransomware operations that would have required serious expertise just a few years ago. Before AI, up-and-coming threat actors relied on old leaked builders like Conti and LockBit. Now they can just describe what they want to an AI model and get malicious code in minutes.
The problem is that AI-generated code can look clean and functional while hiding structural flaws. Unlike the CryptoDefense or TorrentLocker bugs, these aren’t weaknesses a defender can turn into a decryptor; they’re catastrophic bugs that make the malware worse at its intended job while still inflicting maximum damage on victims.
We’re entering a world where ransomware operators can be both less skilled and more dangerous. They don’t need to understand cryptography or even basic programming. Having access to AI coding tools and the ambition to point them at the wrong targets is enough.
What Organizations Should Do
If you’re hit by Sicarii, you need to know that paying the ransom will not restore your data: there is no private key to buy. Isolate affected systems, preserve forensic evidence (including memory images of hosts where the process may still be running), and work with incident response specialists to determine the scope of compromise.
But really, this applies to any ransomware. Payment doesn’t guarantee recovery, funds criminal operations, and often leads to repeat attacks. Sicarii just makes the futility more obvious.
This incident reinforces what should already be standard practice: defense in depth. That means offline or immutable backups that are restore-tested, not just taken, so you know they can actually bring your operations back. Endpoint security that prevents malware from gaining the privileges it needs to spread. Network segmentation that limits lateral movement.
The rise of AI-assisted malware development means we’re going to see more attacks, launched by more people, with more unpredictable outcomes. Some will be sophisticated disasters, others will be incompetent disasters like Sicarii. Both, however, can shut down your business if you’re not prepared.