Malware authors may be more likely to insert crypto doozies in their code than developers working on software. These criminals are focused on getting a product that does enough to satisfy their immediate requirements. Security analysts and network administrators who recognize the main classes of cryptographic errors have a big advantage in foiling infections. The authors behind the Zeus banking Trojan and Linux-based ransomware LinuxEncoder fell into the voodoo programming trap. Their cryptographic implementation betrays deep confusion about the functionality being invoked a function, the researchers said.”]
Source: https://www.csoonline.com/article/3133367/stupid-encryption-mistakes-criminals-make.html