Top Tweets for #VECT
New alert: #Vect #ransomware breaks its own promise.
Even if you pay… recovery may be impossible.
A critical encryption flaw permanently destroys decryption data at the time of attack.
Translation: no key can bring files back.
Details 👇 https://t.co/FOqFvKNFmF
Ayo! Remember how #VECT 2.0 was soooo poorly written it actually turned it into a wiper because Vect let the nonce go out the window?
Well y'all gonna want to read my buddy's report.
Uh and another small thing... @morphisec's product can ACTUALLY decrypt large files back
What happens when ransomware can't even decrypt the files it encrypted?
This latest blog from Morphisec threat researcher Yonatan Edri takes a closer look at VECT ransomware and uncovers a troubling reality: some victims may be left with files that are renamed, partially encrypted, corrupted, or otherwise unrecoverable - even when a decryptor is available.
While researchers have already documented VECT's nonce management flaw, our analysis found additional Windows-specific implementation issues that can create inconsistent file states and complicate recovery efforts.
Key findings:
✅Files are renamed before encryption begins, meaning a .vect extension doesn't necessarily indicate successful encryption.
✅Medium-sized files may be processed through a flawed buffer handling routine, potentially resulting in failed or incomplete encryption.
✅Shared global buffers introduce the possibility of file corruption under concurrent execution.
✅Large files can be modified using multiple encryption operations while retaining insufficient metadata for reliable restoration.
The result? Not all ransomware incidents produce cleanly encrypted files—and not all decryptors can put them back together.
The research reinforces an important lesson for defenders: recovery is not always guaranteed. Organizations need security strategies focused on preventing ransomware execution before encryption occurs, while maintaining the ability to recover affected files when attacks succeed.
Read the full analysis - link in the comments.
VECT-Ransomware - Wenn Hacker-Laien zur echten Gefahr werden
#Backup @CheckPointSW #Cyberkriminalität #Cybersecurity #Cybersicherheit #DigitaleErpressung #Ransomware #RansomwareGruppe #VECT #Verschlüsselung
https://t.co/otueJWQvxo
📢⚠️ Researchers warn that #VECT 2.0 ransomware contains fatal flaws that permanently destroy files, making recovery impossible and rendering ransom payments useless for victims worldwide.
https://t.co/AWDbGY4Wl7
#CyberSecurity #CyberCrime #Ransomware
#ThreatProtection #VECT 2.0 #ransomware targets Windows, Linux, and ESXi—but a critical encryption flaw turns it into a data #wiper. Files >128KB may be permanently destroyed, even if victims pay, read more: https://t.co/lgDjRHjZWU
I pivoted on #Vect ransomware activity and identified related samples based on the post shared by @AlvieriD.
🔗 Post:
https://t.co/xMikgTl0Np
🛡️ Our detection rule covering both Linux and Windows variants:
https://t.co/Mi2iwn46rH
VECT RaaS is making headlines via partnerships with BreachForums and TeamPCP. Behind the polished image is a weak operator: the ransomware is bug-ridden, poorly built, and most encrypted files aren’t fully recoverable, even with the decryption key.
https://t.co/4tK7OIoIiw
We’ve just published a comprehensive technical & reverse engineering analysis of #VECT Ransomware uncovering its links to TeamPcP and operations on BreachForums, along with a critical flaw in its encryption logic.
The report includes full RE insights, IOCs, and YARA rules to support detection and response.
Read it here:https://t.co/pK662zmfVx
#darkatlas #teamPcP #VECT #Ransomware #ThreatIntel
@thetechhouseuk @AlvieriD @vxunderground Can you be more specific? Lolol
-Our map is already a 10x10 @virustotal nightmare
-Think of #Vect as being the ‘cherry on top’ of a series of (attempted & unsuccessful) reports on problems originating in #Alberta #Canada
-Haven’t even touched the #USA / #Netherlands stuff yet
@AlvieriD @vxunderground @userlolxxl @skocherhan @kulinskiarkadi @UCPGoA23 Oh right, we found a special #Malcert (i.e. signed & undetectable) version [amongst other things] @UAlberta @YourAlberta @AHS_media (@abuse_ch)
@AlvieriD talk to me like a #Canada #Government official
Why #Vect #Ransomware bad?
![medsci_yb3r's tweet photo. @AlvieriD @vxunderground @userlolxxl @skocherhan @kulinskiarkadi @UCPGoA23 Oh right, we found a special #Malcert (i.e. signed & undetectable) version [amongst other things] @UAlberta @YourAlberta @AHS_media (@abuse_ch)
@AlvieriD talk to me like a #Canada #Government official
Why #Vect #Ransomware bad? https://t.co/UX3LGsjQ17](https://pbs.twimg.com/media/HEzxlv2bMAAjf-S.jpg)
![medsci_yb3r's tweet photo. @AlvieriD @vxunderground @userlolxxl @skocherhan @kulinskiarkadi @UCPGoA23 Oh right, we found a special #Malcert (i.e. signed & undetectable) version [amongst other things] @UAlberta @YourAlberta @AHS_media (@abuse_ch)
@AlvieriD talk to me like a #Canada #Government official
Why #Vect #Ransomware bad? https://t.co/UX3LGsjQ17](https://pbs.twimg.com/media/HEzxlvnaUAAPdhc.jpg)
![medsci_yb3r's tweet photo. @AlvieriD @vxunderground @userlolxxl @skocherhan @kulinskiarkadi @UCPGoA23 Oh right, we found a special #Malcert (i.e. signed & undetectable) version [amongst other things] @UAlberta @YourAlberta @AHS_media (@abuse_ch)
@AlvieriD talk to me like a #Canada #Government official
Why #Vect #Ransomware bad? https://t.co/UX3LGsjQ17](https://pbs.twimg.com/media/HEzxlvXaoAAPGeE.jpg)
![medsci_yb3r's tweet photo. @AlvieriD @vxunderground @userlolxxl @skocherhan @kulinskiarkadi @UCPGoA23 Oh right, we found a special #Malcert (i.e. signed & undetectable) version [amongst other things] @UAlberta @YourAlberta @AHS_media (@abuse_ch)
@AlvieriD talk to me like a #Canada #Government official
Why #Vect #Ransomware bad? https://t.co/UX3LGsjQ17](https://pbs.twimg.com/media/HEzxlu3XwAEFMCm.jpg)
Sup Doc B - ummmmm…ummmmm…
1) I have a pseudo-good idea where you’re at and familiar with some of these.
2) I am going to say based on what you have there, probably not safe to be tied into the network with #VECT #Vect #VeCt>? #Ransomware everywhere?
3) @Magicswordio insists on Google Meet, which as you’re aware - is problematic. @Threatlocker said they would follow up? (Would be reallllyyyy handy ya’ll). #Malcerts cc: @userlolxxl
-> I did throw an inquiry to @fieldeffectsoft [ I was told they emailed and didn’t call - I’m not at the hospital rn ]
4) @skocherhan @smica83 there be a whole bunch of samples uploaded via @abuse_ch with VECT stuff (and the kitchen sink) triggering all of these #YARA rules. I don’t actually know if it gets auto-saved ?????????
TeamPCP has weaponized the LiteLLM library to infect 500,000+ systems. Now, the Vect syndicate is arming 300,000 dark web mercenaries for a global offensive.
#TeamPCP #Vect #LiteLLM #Ransomware #CyberSecurity2026 #SupplyChainAttack #AISecurity #Infosec
https://t.co/bSA7WCxpWm
The #Vect Ransomware Organization has announced a strategic partnership with the threat group #TeamPCP and #BreachForums community. This alliance aims to provide forum members with ransomware access and execute large-scale cyberattacks by leveraging supply chain compromises.
New #RaaS. Real capability.
#Vect is live - and already hitting orgs in Brazil & South Africa.
What stands out:
• Custom C++ build (not recycled code)
• ChaCha20 + intermittent encryption for speed
• Windows, Linux & ESXi support
• Safe Mode execution to suppress defenses
• TOR-only infra + Monero payments
Short lifespan. Unusual maturity. Likely expansion ahead.
Read more from @InfosecurityMag👇 https://t.co/gQnzHlbS47
🚨 nuova rivendicazione #ransomware Italia 🚨
🏴☠️ gruppo #Vect
🧬 Keliweb SRL | Rende (CS)
🎯 settore: servizi web
🔗 https://t.co/Ugq2EkxqrW
🗓️ 28 febbraio 2026
📄 sample: -
▪️ dati esfiltrati dichiarati: 200.00GB
▪️ dati esfiltrati pubblicati: -
⏲️ scadenza: 28 marzo 2026
#ransomNews #cybersecurity #cyberthreats
🔴🇨🇴El grupo de ransomware Vect publica a SUS Insumos SAS en su sitio DarkWeb.
🔗https://t.co/AUVv9AeFOi
📁30.26GB
#ransomware #infosec #Colombia #DarkWeb #Vect #ciberataque
As reporting emerged on the #Vect RaaS group, coverage by @PhilMuncaster drew on our #ThreatIntelligence to assess the group’s capability: https://t.co/FL91WNjdBD
Our research identified early indicators of a mature, disciplined operation. Report: https://t.co/ArxdwnFDPC
Last Seen Hashtags on Sotwe
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.1M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.9M followers
Taylor Swift
@taylorswift13
80.7M followers
Lady Gaga
@ladygaga
72.2M followers
Kim Kardashian
@kimkardashian
69.4M followers
Virat Kohli
@imvkohli
68.7M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.2M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60M followers