|
|
|
|
|
|
by serendipitous
3523 days ago
|
|
|
> it still has the decryption keys No, they (usually) work similar to PGP/GPG, i.e. each file is encrypted with a different AES key and the AES key is encrypted with a public RSA key. The original AES key for a particular file is immediately deleted from memory after the file is encrypted and the private RSA key (needed for decrypting the AES key that is stored in the file) only ever gets delivered to the system if the ransom is paid. |
|
|