Broken VECT 2.0 ransomware acts as a data wiper for large files
Summary
The VECT 2.0 ransomware has a critical flaw in its nonce handling, causing it to permanently destroy larger files instead of encrypting them. This bug effectively transforms the ransomware into a data wiper for affected files.
IFF Assessment
FOE
The ransomware's faulty encryption mechanism acts as a data wiper, leading to irreversible data loss for victims, which is detrimental to defenders.
Defender Context
This incident highlights the importance of robust testing and quality assurance for ransomware strains. Defenders should be aware that some ransomware variants may inadvertently cause data destruction due to coding errors, complicating recovery efforts. Monitoring for unusual data loss patterns, even if not typical ransomware encryption, could be a clue.