A ransomware affiliate is targeting publicly exposed Veritas installations to gain access to organizations.