 Crypto Virology is a field that studies how to use cryptography to design powerful malicious software. The field was born with the observation that public key cryptography can be used to break this imagery between what an antivirus analyst sees regarding malware and what the attacker sees. The antivirus analyst sees a public key contained in them, whereas the attacker sees the public key contained in them, aware as well as the corresponding private key outside them, aware since the attacker created the key pair for the attack. The public key allows them aware to perform trapped or one-way operations on the victim's computer that only the attacker can undo. The first Crypto Virology attack, invented by Adam Bell Young and Modyu, is called Crypto Virology and it was presented at the 1996 IEEE Security and Privacy Conference. In this attack the cryptovers, cryptoworm, or cryptotrogen contains the public key of the attacker and hybrid encrypts the victim's files. The malware prompts the user to send the asymmetric ciphertext to the attacker who will decipher it and return the symmetric decryption key it contains for a fee. The victim needs the symmetric key to decrypt the encrypted files if there is no way to recover the original files e.g., from backups. The 1996 IEEE paper predicted that Crypto Virology distortion attackers would one day demand e-money, long before the coin even existed. Many years later the media-relabeled Crypto Virology extortion is ransomware. In 2016 Crypto Virology attacks on healthcare providers reached epidemic levels prompting the U.S. Department of Health and Human Services to issue a fact sheet on ransomware and HIPAA. The fact sheet states that when electronic protective health information is encrypted I ransomware a breach has occurred and the attack therefore constitutes a disclosure that is not permitted under HIPAA, the rationale being that an adversary has taken control of the information. Sensitive data might never leave the victim organization, but the break-in may have allowed data to be sent out undetected. California enacted a law that defines the introduction of ransomware into a computer system with the intent of extortion as being against the law. The field also encompasses covert and aware attacks in which the attacker securely steals private information such as symmetric keys, private keys, PR and the state, and the victim's data. An asymmetric backdoor is a backdoor e.g., in a crypto system that can be used only by the attacker, even after it is found. This contrasts with the traditional backdoor that is symmetric, i.e., anyone that finds it can use it. Kleptography, the subfield of Crypto Virology, is the study of asymmetric backdoors in key generation algorithms, digital signature algorithms, key exchanges, pseudo-random number generators, encryption algorithms, and other cryptographic algorithms. The NIST Dual ECDRBG Random Bit Generator has an asymmetric backdoor in it. The ECDRBG algorithm utilizes the discrete log kleptogram from kleptography which by definition makes the ECDRBG a cryptotrogen. Like ransomware, the ECDRBG cryptotrogen contains and uses the attacker's public key to attack the host system. The cryptographer Ari Jules indicated that NSA effectively orchestrated a kleptographic attack on users of the dual ECDRBG pseudo-random number generation algorithm and that, although security professionals and developers have been testing and implementing kleptographic attacks since 1996, you would be hard-pressed to find one in actual use until now. Due to public outcry of this Crypto Virology attack, NIST rescinded the ECDRBG algorithm from the NIST SP800 to 90 standard. The ECDRBG information leakage attacks carried out by Crypto Verozes, cryptotrogens, and cryptoworms that, by definition, contain and use the public key of the attacker is a major theme in Crypto Virology. Indeniable password-snatching a Crypto Veroze installs a cryptotrogen that asymmetrically encrypts host data and covertly broadcasts it. This makes it available to everyone, noticeable by no one except the attacker and only decipherable by the attacker. An attacker caught installing the cryptotrogen claims to be a virus victim. An attacker observed receiving the covert asymmetric broadcast is one of thousands if not millions of receivers and exhibits no identifying information whatsoever. The Crypto Virology attack achieves end-to-end deniability. It is a covert asymmetric broadcast of the victim's data. Crypto Virology also encompasses the use of private information retrieval to allow Crypto Verozes to search for and steal host data without revealing the data searched for even when the cryptotrogen is under constant surveillance. By definition such a Crypto Veroze carries within its own coding sequence the query of the attacker and the necessary PIR logic to apply the query to host systems. There has been a long-standing misconception that Crypto Virology is mostly about extortion attacks over attacks. In fact, the vast majority of Crypto Virology attacks are covered in nature. This misconception began to fade in 2013 after whistle-blowing revealed that the dual-ACDRBG is a Crypto Virology attack that covertly leaks the internal state of the pseudo-random number generator.