Cybersecurity researchers have discovered that the ransomware used by the Vect group, which has targeted numerous organizations since January, is actually a data wiper. This malware permanently destroys files larger than 128KB, making full data recovery impossible even for the attackers. The group has been linked to supply-chain attacks involving Trivy and LiteLLM, and their ransomware-as-a-service offering is described as technically unsophisticated with multiple implementation flaws. AI
Summary written by gemini-2.5-flash-lite from 1 source. How we write summaries →
IMPACT Discovery of a flawed data wiper disguised as ransomware highlights ongoing supply-chain risks for organizations using open-source tools.
RANK_REASON Analysis of a ransomware-as-a-service offering reveals a critical flaw making it a data wiper, impacting victim organizations.