Comment by sroussey

They don’t need to.

Under specific conditions, the client can communicate with malware already on device, save data locally for other software to pick up, or downright stream the decrypted software to a third party.

Most likely is to introduce a flaw in the client that can be used by other walware on the client.

Clearly no red team members on HN these days.