{"id":236987,"date":"2026-04-29T06:45:00","date_gmt":"2026-04-29T10:45:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/04\/29\/critical-flaw-turns-vect-ransomware-into-data-destroying-wiper\/"},"modified":"2026-04-29T08:00:11","modified_gmt":"2026-04-29T12:00:11","slug":"critical-flaw-turns-vect-ransomware-into-data-destroying-wiper","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/04\/29\/critical-flaw-turns-vect-ransomware-into-data-destroying-wiper\/","title":{"rendered":"Critical Flaw Turns Vect Ransomware into Data Destroying Wiper"},"content":{"rendered":"<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/critical-flaw-vect-ransomware-data\/\">Critical Flaw Turns Vect Ransomware into Data Destroying Wiper<\/a><\/p>\n<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/critical-flaw-vect-ransomware-data\/\">https:\/\/www.infosecurity-magazine.com\/news\/critical-flaw-vect-ransomware-data\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-04-29 06:45:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.infosecurity-magazine.com\">www.infosecurity-magazine.com<\/a><\/p>\n<p>Vect 2.0 ransomware has been found to wipes large, compromised files instead of merely encrypting them, making recovery impossible \u2013 even for the attackers.<\/p>\n<p>This is due to a critical flaw in the encryption implementation. The bug, likely an unintended coding error, was discovered by Check Point Research when investigating the latest version of the Vect ransomware.<\/p>\n<p>Vect is a ransomware-as-a-service (RaaS) program that first appeared in December 2025 on a Russian-language cybercrime forum and was discovered by security researchers in early January 2026.<\/p>\n<p>The group quickly grabbed headlines after it announced on BreachForums that it was partnering with TeamPCP, the threat group behind several supply-chain attacks, such as Trivy, Checkmarx\u2019 KICS, LiteLLM and Telnyx, in March and April 2026.<\/p>\n<p>Additionally, Check Point reported that Vect also announced a partnership with BreachForums itself, promising that every registered forum user will become an affiliate and be granted use of the Vect ransomware, negotiation platform and leak site for operations.<\/p>\n<p>\u201cAs of April 2026, this partnership is in full effect,\u201d the Check Point researchers noted in a new report published on April 28.<\/p>\n<h2><strong>Vect 2.0: RaaS Ambitions Crumble Under Poor Implementation<\/strong><\/h2>\n<p>Allegedly built from scratch, Vect launched version 2.0 of its ransomware lockers in February 2026 after its rise to fame. \u00a0Written in C++, the lockers support Windows and Linux hosts as well as VMware ESXi hypervisors. The group claims to have built all three lockers from scratch.<\/p>\n<p>\u201cAdditionally, a forum post mentions that dedicated \u2018cloud Lockers,\u2019 likely targeting various cloud storage services, will be made available for affiliates that will prove their skills through a quiz or puzzle challenge in the near future,\u201d the Check Point researchers indicated.<\/p>\n<p>After obtaining the Vect ransomware builder via BreachForums, the research team analyzed the three payloads, for Windows, Linux and ESXi.<\/p>\n<p>They found that all&#8230;<\/p>\n<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/critical-flaw-vect-ransomware-data\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Critical Flaw Turns Vect Ransomware into Data Destroying Wiper https:\/\/www.infosecurity-magazine.com\/news\/critical-flaw-vect-ransomware-data\/ Publish Date: 2026-04-29 06:45:00 Source&#8230;<\/p>\n","protected":false},"author":1,"featured_media":236988,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/assets.infosecurity-magazine.com\/webpage\/og\/c71de5fb-c2b2-453c-8b5b-c6197c4953ac.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[],"class_list":["post-236987","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/236987"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=236987"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/236987\/revisions"}],"predecessor-version":[{"id":236989,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/236987\/revisions\/236989"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/236988"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=236987"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=236987"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=236987"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}