The newly emergent Termite ransomware operation is claimed to have breached U.S. supply chain management platform Blue Yonder in a November attack that disrupted retailers ahead of Thanksgiving, The Cyber Express reports.
Termite, which has already compromised seven victims, two of which are in the U.S., is regarded by Cyble researchers as a Babuk ransomware rebrand because of significant similarities between the two strains' ransomware binaries. Once executed, Termite terminated services and backup processes, discovered network shares and drives, and retrieved shared resource information before encrypting files, the Cyble report showed. Researchers also found that Termite worked to prevent the recovery of encrypted files by erasing all shadow copies and clearing the recycle bin. "The emergence of Termite underscores the critical need for robust cybersecurity measures, proactive threat intelligence, and incident response strategies to counter the evolving tactics of ransomware groups," the researchers added.
Nascent Termite ransomware gang behind Blue Yonder hack