SentinelOne Vs. Vice Society Ransomware – Prevention and Detection
See how SentinelOne prevents and detects Vice Society Ransomware. Vice Society is a multi-pronged extortion/ransomware group that emerged in early to mid-2021. From the outset, the threat actor has shown an affinity for medium-sized targets, with a particular focus on educational entities (e.g., school districts).
The group also leverages both Windows and Linux variants of its ransomware; the Linux variant is frequently observed in campaigns targeting ESXi or heavily virtualized environments. Initial access is often achieved through third-party frameworks (e.g., Cobalt Strike). Once inside the target environment, the actor relies heavily on commercial off-the-shelf (COTS) utilities and living-off-the-land binaries (LOLBins) to move as stealthily as possible.
In recently analyzed Windows samples, persistence is achieved via the Registry (a Run key). In addition, an embedded .BAT file is dropped and executed by the ransomware to inhibit system recovery (removal of Volume Shadow Copies and boot recovery options).
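The two Windows behaviours just described, Run-key persistence and a dropped batch file that removes shadow copies and boot recovery options, are easy to surface from process-creation and registry-set telemetry (Sysmon event IDs 1 and 13, or the equivalent EDR events). The script below is an added example written for this page, not SentinelOne's detection logic and not code from the Vice Society samples. The specific commands it matches (vssadmin delete shadows, wmic shadowcopy delete, bcdedit recoveryenabled/bootstatuspolicy, wbadmin delete catalog) are the generic, well-known recovery-inhibition commands; the page does not list the exact contents of the actor's .BAT file, so treat the patterns as an assumption about what such a file typically contains. The sample events are constructed.

```python
"""Flag Run-key persistence and recovery inhibition in endpoint telemetry.

Added example for this page. Event shape, field names and sample data are
assumptions; the command patterns are generic (MITRE T1490 / T1547.001), not
the page's own indicators.
"""
import re
from dataclasses import dataclass

# Commands commonly used to inhibit recovery. Assumed patterns: the page only
# says the .BAT removes VSS and boot recovery options, not which commands it uses.
RECOVERY_INHIBIT = [
    ("vss_delete", re.compile(r"\bvssadmin(\.exe)?\b.*\bdelete\s+shadows", re.I)),
    ("vss_resize", re.compile(r"\bvssadmin(\.exe)?\b.*\bresize\s+shadowstorage", re.I)),
    ("wmic_shadow", re.compile(r"\bwmic(\.exe)?\b.*\bshadowcopy\b.*\bdelete\b", re.I)),
    ("bcd_recovery", re.compile(r"\bbcdedit(\.exe)?\b.*\brecoveryenabled\s+no\b", re.I)),
    ("bcd_bootpolicy", re.compile(r"\bbcdedit(\.exe)?\b.*\bbootstatuspolicy\s+ignoreallfailures", re.I)),
    ("wbadmin_catalog", re.compile(r"\bwbadmin(\.exe)?\b.*\bdelete\s+catalog", re.I)),
]

# Autostart Run/RunOnce keys under HKLM or HKU (including Wow6432Node paths).
RUN_KEY = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)\\", re.I)

# A cmd.exe launching a .bat file is not interesting by itself; it becomes
# interesting when the parent is not a Windows system binary (a dropper in a
# user-writable directory, as described above).
BAT_LAUNCH = re.compile(r"\bcmd(\.exe)?\b.*\.bat\b", re.I)


@dataclass
class Event:
    kind: str          # "process" (EID 1 style) or "registry" (EID 13 style)
    image: str         # image path of the process that generated the event
    detail: str        # command line (process) or target object (registry)
    parent: str = ""   # parent image, used to attribute the batch file to its dropper


def classify(ev: Event) -> list:
    """Return the detection labels that apply to a single event."""
    hits = []
    if ev.kind == "process":
        for label, pat in RECOVERY_INHIBIT:
            if pat.search(ev.detail):
                hits.append(label)
        if BAT_LAUNCH.search(ev.detail) and not ev.parent.lower().startswith("c:\\windows\\"):
            hits.append("bat_from_nonsystem_parent")
    elif ev.kind == "registry" and RUN_KEY.search(ev.detail):
        hits.append("run_key_persistence")
    return hits


def scan(events) -> dict:
    """Map the index of every event that triggers a label to its labels."""
    result = {}
    for i, ev in enumerate(events):
        hits = classify(ev)
        if hits:
            result[i] = hits
    return result


def verdict(events) -> str:
    """Combine labels across the event stream into a single severity.

    Recovery inhibition plus a fresh Run-key write is the combination the
    page describes; recovery inhibition alone is still worth a look but is
    also produced by some backup tooling, so it is rated lower.
    """
    labels = {lab for hits in scan(events).values() for lab in hits}
    inhibit = {lab for lab, _ in RECOVERY_INHIBIT} & labels
    if inhibit and "run_key_persistence" in labels:
        return "high"
    if inhibit:
        return "medium"
    return "low" if labels else "none"


# Constructed sample telemetry (not real data): one benign service process,
# a Run-key write by a payload in %TEMP%, that payload launching a .bat via
# cmd.exe, the recovery-inhibition commands from the batch file, and a benign
# vssadmin query that must not fire.
SAMPLE_EVENTS = [
    Event("process", r"C:\Windows\System32\svchost.exe", "svchost.exe -k netsvcs",
          r"C:\Windows\System32\services.exe"),
    Event("registry", r"C:\Users\alice\AppData\Local\Temp\payload.exe",
          r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Run\payload"),
    Event("process", r"C:\Windows\System32\cmd.exe",
          r'cmd.exe /c "C:\Users\alice\AppData\Local\Temp\recover.bat"',
          r"C:\Users\alice\AppData\Local\Temp\payload.exe"),
    Event("process", r"C:\Windows\System32\vssadmin.exe", "vssadmin.exe delete shadows /all /quiet",
          r"C:\Windows\System32\cmd.exe"),
    Event("process", r"C:\Windows\System32\bcdedit.exe", "bcdedit /set {default} recoveryenabled No",
          r"C:\Windows\System32\cmd.exe"),
    Event("process", r"C:\Windows\System32\bcdedit.exe",
          "bcdedit /set {default} bootstatuspolicy ignoreallfailures", r"C:\Windows\System32\cmd.exe"),
    Event("process", r"C:\Windows\System32\vssadmin.exe", "vssadmin list shadows",
          r"C:\Windows\System32\cmd.exe"),
]

if __name__ == "__main__":
    for idx, labels in scan(SAMPLE_EVENTS).items():
        print(f"event {idx}: {SAMPLE_EVENTS[idx].detail!r} -> {labels}")
    print("verdict:", verdict(SAMPLE_EVENTS))
```

In production the parent-process check is where tuning happens: legitimate backup agents also delete or resize shadow copies, so an allowlist keyed on the signed parent image keeps the "medium" verdict from paging on every nightly backup, while the "high" verdict (recovery inhibition in the same stream as a new Run-key entry) stays a page-worthy signal.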
#cybersecurity #vicesociety #ransomware