VECT: Ransomware by design, Wiper by accident

**Executive summary:** Check Point Research analyzed VECT 2.0, a Ransomware-as-a-Service targeting Windows, Linux, and ESXi, and found a critical cross-platform nonce-handling flaw in its ChaCha20-IETF encryption that discards three of four per-chunk nonces for files >128 KB—rendering large files permanently unrecoverable and effectively turning the ransomware into a destructive wiper; the report also documents operational details (affiliate program, TeamPCP supply-chain ties), IOCs, lateral-movement and anti-analysis behaviors, and mitigation guidance.