This paper revisits a public key cryptosystem which is based on finite string-rewriting systems. We consider a new approach for cryptanalysis of such proposals—the so-called completion attack. If a particular kind of weak key is generated, then a passive adversary is able to retrieve secret messages with a significant probability. Our idea can be applied to other rewriting based cryptosystems as well. Finally we discuss issues concerning the practical usage and present some experimental results. The described vulnerabilities lead to the conclusion that at least the key generation of Oleshchuk’s cryptosystem has to be revised.