Kyber ransomware deploys post-quantum encryption

A new ransomware operation named Kyber is targeting Windows and VMware ESXi systems with a variant that implements post-quantum encryption.

Sources

1 verified

Location

—

Updated

Thursday, 23 April 2026 at 06:51 UTC

No media · text-only dispatch

Synthesis · 1 sources

A new ransomware operation named Kyber is targeting Windows and VMware ESXi systems with distinct variants, one of which claims to use post-quantum encryption. Cybersecurity firm Rapid7 analyzed two variants deployed in March 2026, finding the ESXi version uses traditional RSA-4096 and ChaCha8 despite marketing claims. The Windows variant, written in Rust, implements Kyber1024 for key protection alongside AES-CTR for file encryption. This marks an early adoption of post-quantum cryptography in ransomware, though the outcome for victims remains the same—files are unrecoverable without the attacker's private key.

Prediction markets · Polymarket

Polymarket↗

Bitcoin quantum-resistant upgrade implemented in 2026?

Quantum breaks Bitcoin by ___?

Will Bitcoin replace SHA-256 before 2027?

Yes

93%

e/eineurope · topic · T-04987cycle Thursday, 23 April 2026 at 06:51 UTC · first reported 5d ago