Threat Actor Profile

Vect

No known aliases in database
▲ High Threat
Vect 2.0 Evolution, TeamPCP/Vect Supply Chain Campaign, BreachForums Mass Affiliate Recruitment
Origin: CIS region (likely Russia or Belarus)
Sponsor: criminal organization
Motivation: financial gain via ransomware extortion and data theft

Target Sectors

Healthcare
Supply Chain
Property Management
Manufacturing
Critical Infrastructure

Known TTPs

Ransomware-as-a-Service (RaaS)
Double Extortion (Exfiltration/Encryption/Extortion)
Custom C++ Malware Development
Credential Harvesting (via TeamPCP partnership)
Supply Chain Attacks
Disabling Windows Defender (Set-MpPreference)
Volume Shadow Copy Deletion
Event Log Clearing
Lateral Movement via PowerShell and CIM sessions
Safe Mode Execution
Monero-only Payments
TOR-based Data Leak Sites
qTox-based communication

External Resources

CISA Advisories
