Emergence of Vect RaaS Operation Targeting Organizations in Brazil and South Africa

Emergence of Vect RaaS Operation Targeting Organizations in Brazil and South Africa

First seen 5 Feb 2026, 06:48 UTC Infosecurity-MagazineScworld 87% similarity 39.0

Article Content

Browse articles
ThreatCluster

The newly identified Vect ransomware-as-a-service (RaaS) operation has compromised organizations in Brazil and South Africa. Launched in December 2025, Vect employs C++-based malware utilizing the ChaCha20-Poly1305 AEAD encryption algorithm and SafeMode execution to target Windows, Linux, and VMware ESXi systems.

ThreatCluster AI

Community

Browse all →