A ransomware family known as Kyber is marketing itself as quantum-safe, touting its use of ML-KEM, a lattice-based key-encapsulation mechanism, to shield its encryption keys from quantum attacks.
The family takes its name from Kyber, ML-KEM's alternate moniker, and its claim hinges on ML-KEM's purported resistance to quantum computing. ML-KEM is intended to replace RSA and ECC for key exchange, while the actual data payload is still encrypted with AES-256.
Security firm Rapid7 reverse-engineered the Windows variant and found that it uses ML-KEM-1024, the strongest version in the PQC standard. However, the ransomware still uses it to wrap a symmetric AES-256 key; the encryption process itself remains typical for ransomware.
Experts like Brett Callow of Emsisoft note that this is the first confirmed case of ransomware explicitly using PQC, but emphasize that the practical benefits are dubious at present.
Analysts argue the move is largely marketing. Implementing Kyber1024 requires minimal extra work for developers, and the term “post-quantum encryption” sounds scarier to executives than a straightforward AES-based scheme.
In short, Kyber’s post-quantum branding does not guarantee real-world quantum resistance today. It more likely signals a trend: some cybercriminals are testing PQC narratives to influence payout decisions rather than to harden defenses.