Date: 2024-12-09

The newly emergent Termite ransomware operation has claimed responsibility for breaching U.S. supply chain management platform Blue Yonder in a November attack that disrupted retailers ahead of Thanksgiving, The Cyber Express reports.



Termite, which has already compromised seven victims, two of which are in the U.S., was regarded by Cyble researchers as a Babuk ransomware rebrand because of significant similarities between the two strains' binaries. Once executed, Termite terminated services and backup processes, discovered network shares and drives, and retrieved shared resource information before encrypting files, the Cyble report showed. Researchers also found that Termite worked to prevent the recovery of encrypted files by erasing all shadow copies and clearing the recycle bin. "The emergence of Termite underscores the critical need for robust cybersecurity measures, proactive threat intelligence, and incident response strategies to counter the evolving tactics of ransomware groups," the researchers added.