The case shows post-quantum cryptography is starting to be used not only as a defensive technology but also as a psychological tool for attackers.

The ransomware known as Kyber has been singled out as the first confirmed case of ransomware using post-quantum cryptography, drawing intense attention from the security industry. Analysts say the move appears to be a strategic choice aimed at psychological pressure rather than real attack efficiency.

IT outlet Ars Technica reported on April 23 that security firm Rapid7 said its analysis of a Windows variant of Kyber found the ransomware was protecting encryption keys using ML-KEM1024, a post-quantum cryptography standard.

Kyber did not encrypt victim data directly with post-quantum cryptography. Instead, it took a hybrid approach: it encrypted the files themselves with AES-256 and then wrapped that key with ML-KEM1024. ML-KEM1024 is among the strongest of the post-quantum cryptography standards pursued by the U.S. National Institute of Standards and Technology (NIST).

Security experts see it as a technical turning point, but not an adoption driven by practical need. Brett Callow, a threat analyst at Emsisoft, assessed the case as the first ransomware to apply post-quantum cryptography. He said today’s quantum computers are unlikely to break existing public-key cryptography in the short term, limiting any practical gain for attackers.

The nature of the tactic is also reflected in the attack method. Kyber demands a response from victims within about a week, showing that short-term negotiating pressure matters more than long-term decryption prospects. Anna Shirokova, a Rapid7 researcher, said the phrase "post-quantum cryptography" itself could be perceived as a bigger threat by executives unfamiliar with the technology, indicating an intent to seek a marketing effect.

The relatively low implementation difficulty has also been cited as a factor. ML-KEM1024 has well-developed public libraries and documentation, making it relatively easy to apply. Because of speed issues, it is structured to be used only to protect keys rather than to encrypt the actual data.

Some variants were also found to make exaggerated claims. A Kyber variant targeting VMware touted its use of ML-KEM, but analysis found it actually used conventional 4,096-bit RSA encryption.

The case shows ransomware groups are placing greater emphasis on psychological effects in negotiations than on the cryptographic technology itself. Analysts say attackers are focusing on collecting ransoms in the short term rather than competing in long-term security, and are choosing a strategy that plays up the perception that decryption is nearly impossible in order to raise the likelihood of payment.

At the same time, the case also shows that post-quantum cryptography is no longer an issue limited to governments or large technology companies. Experts stressed that companies need to distinguish between real technical capabilities and attackers’ exaggerated messaging when making future security decisions.

Copyright © DigitalToday. All rights reserved. Unauthorized reproduction and redistribution are prohibited.