Don't pay VECT a ransom - your big files are likely gone
Briefly

"On April 15, the group claimed two larger victims, Guesty (700GB) and S&P Global (250GB), allegedly tied to earlier TeamPCP compromises. However, these claims cannot be independently verified, and there is no confirmed visibility into how many of these cases resulted in successful ransom payments versus data being leaked without payment."
"Vect is one of the crime crews partnering with TeamPCP to leak data and extort victims of the ongoing attacks that infected Trivy, LiteLLM, Checkmarx, and Telnyx."
"Check Point researchers opened a BreachForums account, got access to the panel and ransomware builder, and analyzed the gang's malware. They quickly determined that the ransomware-as-a-service group also isn't very good at writing code - 'not technically sophisticated' and 'amateur execution' are how Check Point's research team described it."
Check Point Research indicates that organizations hit by the Trivy and LiteLLM supply-chain attacks that paid Vect for data recovery likely did not regain much. Vect's leak site lists 25 organizations affected since January, with four since March. Claims of larger victims, such as Guesty and S&P Global, remain unverified. Vect collaborates with TeamPCP to leak data and extort victims, and boasts about future supply-chain operations. Researchers found Vect's ransomware to be technically unsophisticated and poorly executed.
Read at Theregister