Overview
- Check Point Research said Tuesday that a fatal encryption bug turns VECT 2.0 into a wiper and makes ransom payments useless.
- The malware splits large files into four parts and uses four random nonces but saves only the last one, which makes the first three parts impossible to decrypt.
- The group runs a ransomware-as-a-service operation with a $250 affiliate fee and has new partnerships with TeamPCP and BreachForums to drive supply-chain-based attacks.
- The flaw is present in Windows, Linux, and ESXi builds, and it ruins common enterprise files like virtual machine disks, databases, and backups.
- Defenders are urged to skip negotiations, restore from offline backups, contain fast, rotate exposed credentials, and watch for a fix that could make VECT far more dangerous.
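
The nonce-handling flaw described in the overview, modelled in memory as an added example (not code from Check Point Research or from the malware itself). The SHA-256 counter-mode keystream, the 12-byte nonce size, and all function names are assumptions standing in for details this page does not give. It shows that a decryptor holding the correct key and the one saved nonce restores only the fourth part.

```python
import hashlib
import os

PARTS = 4  # the overview says large files are split into four parts

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Stand-in stream cipher (SHA-256 in counter mode): an assumption, not VECT's cipher.
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])

def xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))

def split(data: bytes) -> list[bytes]:
    size = -(-len(data) // PARTS)  # ceiling division
    return [data[i * size:(i + 1) * size] for i in range(PARTS)]

def model_flawed_encrypt(data: bytes, key: bytes):
    """Model of the described flaw: a fresh nonce per part, only the last one kept."""
    nonce, encrypted = b"", []
    for part in split(data):
        nonce = os.urandom(12)  # overwrites the nonce used for the previous part
        encrypted.append(xor(part, keystream(key, nonce, len(part))))
    return encrypted, nonce  # nonces for parts 1-3 are gone

def best_case_decrypt(encrypted, key: bytes, stored_nonce: bytes):
    """Everything a decryptor with the correct key and the saved nonce can produce."""
    return [xor(p, keystream(key, stored_nonce, len(p))) for p in encrypted]

def recovered_parts(original: bytes, encrypted, key: bytes, stored_nonce: bytes):
    """Per-part flag: does best-case decryption match the original plaintext?"""
    plain = best_case_decrypt(encrypted, key, stored_nonce)
    return [got == want for got, want in zip(plain, split(original))]

def demo():
    # Constructed sample data: 16 KiB of patterned bytes, random key.
    data = bytes(range(256)) * 64
    key = os.urandom(32)
    encrypted, saved_nonce = model_flawed_encrypt(data, key)
    return recovered_parts(data, encrypted, key, saved_nonce)

if __name__ == "__main__":
    print(demo())
```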