All news with #destructive prompt injection tag

🛑 VECT is a destructive ransomware family that permanently destroys large files instead of producing recoverable encrypted copies, so paying the ransom will not restore data. The group leveraged partnerships with TeamPCP and BreachForums to build a massive affiliate pipeline to thousands of potential victims. An encryption bug affects Windows, Linux, and ESXi variants and has persisted since before the public 2.0 release. Check Point's Threat Emulation and Harmony Endpoint provide full protection against known variants.

⚠️ Kaspersky has identified a previously undocumented file wiper named Lotus Wiper that was used in destructive attacks against Venezuela's energy and utilities sector in late 2025 and early 2026. The campaign relies on two coordinated batch scripts that weaken defenses, probe NETLOGON shares and legacy services, and prepare the environment to deploy a wiper that erases recovery mechanisms, overwrites drives and deletes files. The artifact contains no extortion demands, indicating a targeted, non-financially motivated destructive operation likely planned well in advance.

⚠️ Chaos-C++ is a resurfaced C++ ransomware strain identified in 2025 that combines fast AES encryption, deliberate deletion of very large files, and a clipboard-hijacking capability to steal cryptocurrency payments. It employs a stealthy downloader that masquerades as a system optimizer, uses Windows CryptoAPI where available and a weaker XOR fallback otherwise, and appends a .chaos extension to affected files. Victims also see destructive post-infection commands that remove shadow copies and hinder recovery, and ForsGuard detections are available for protection.