Hackers Unleash Velociraptor Tool for Ransomware Mayhem: China-Based Storm-2603 Strikes Again!

In a twist fit for a cyber-thriller, threat actors are now using the Velociraptor digital forensics tool to unleash LockBit and Babuk ransomware. This China-based adversary, known as Storm-2603, is turning open-source software into a weapon of mass encryption. Who knew velociraptors could be so sneaky?


Hot Take:

In an unexpected plot twist, cybercriminals have decided to take their inner paleontologist out for a spin by using Velociraptor, not to dig up fossils, but to bury data under layers of LockBit and Babuk ransomware. Maybe they thought that a digital Jurassic Park would make for a good disguise. Just remember, these predators don’t want to eat you, just your data—and maybe your wallet.

Key Points:

– Cybercriminals are using the Velociraptor DFIR tool to deploy LockBit and Babuk ransomware.
– The attackers are suspected to be a China-based group known as Storm-2603.
– They exploited a vulnerability in an outdated version of Velociraptor.
– The attack involved creating local admin accounts and accessing VMware vSphere for persistent control.
– Ransomware deployments were detected on both Windows and VMware ESXi systems.

The Nimble Nerd