Scworld
Emergence of Vect RaaS Operation Targeting Organizations in Brazil and South Africa
First seen 5 Feb 2026, 06:48 UTC
•
•87% similarity
•39.0
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
The newly identified Vect ransomware-as-a-service (RaaS) operation has compromised organizations in Brazil and South Africa. Launched in December 2025, Vect employs C++-based malware utilizing the ChaCha20-Poly1305 AEAD encryption algorithm and SafeMode execution to target Windows, Linux, and VMware ESXi systems.
ThreatCluster AI