• Trainguyrom@reddthat.com
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Best I understand the encryption key is needed to encrypt and decrypt, so if the malware isn’t written well enough it may well continue to store the encryption key in memory.

      There’s some old malware on archive.org that just pulls the FAT off the filesystem into memory and offers a dice roll to restore it