Don't pay Vect a ransom - your data's likely already wiped out
Recent research indicates that organizations paying ransom to Vect may not recover their data as the malware is actually a wiper. This wiper destroys files larger than 128KB, making full recovery impossible. Vect's operations are linked to a series of supply chain attacks, and the malware exhibits significant flaws in its design.
- ▪Organizations that paid Vect for data recovery likely received little to nothing back.
- ▪Vect's malware is a wiper that permanently destroys files larger than 128KB instead of encrypting them.
- ▪The ransomware-as-a-service group has been described as technically unsophisticated with multiple design failures.
Opening excerpt (first ~120 words) tap to expand
(function() { let windowUrl = window.location.href; windowUrl = windowUrl.substring(windowUrl.indexOf('?') + 1); let messageElement = document.querySelector('.shareableMessage'); if (windowUrl && windowUrl.includes('code') && windowUrl.includes('expires')) { messageElement.style.display = 'block'; } })(); Cyber-crime Don't pay Vect a ransom - your data's likely already wiped out 'Full recovery is impossible for anyone, including the attacker' Jessica Lyons Jessica Lyons Published tue 28 Apr 2026 // 19:36 UTC Organizations hit by the wave of Trivy and LiteLLM supply-chain compromises that paid Vect in hopes of recovering their data likely did not get much back, according to Check Point Research.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at The Register.
Discussion
0 commentsMore from The Register
