Termite Hacked Blue Yonder 

Uploaded on 2024-12-16 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

Termite is a previously unknown  ransomware gang which has claimed responsibility for a recent cyber attack on the leading supply chain software company, Blue Yonder

The original attack hit Blue Yonder customers in November , including the Starbucks coffee shop chain and UK grocery stores, Sainsbury's and Morrisons. 

According to reports, Starbucks was forced to pay staff manually, while Morrisons experienced problems with its warehouse management systems.

Now, Termite has used its Dark Web page to claim responsibility for several others large-scale attacks on organisations across different sectors, including government agencies, oil and gas and vehicle manufacturing, although not all Termite's claims are confirmed. 

In the exploit against Blue Yonder, Termite claims to have stolen 680GB of data, including more than 16,000 email lists that it plans to use for future attacks, and more than 200,000 insurance documents. Blue Yonder said it was working to restore systems, with some of the affected customers brought back online and others on the path to recovery. It has hardened its defensive and forensic protocols since the incident, the company revealed.

According to detailed analyses from both Cyjax and from Cyble, Termite is using a modified version of Babuk ransomware, which, encrypts targeted files and adds a .termite extension. It simultaneously delivers  a ransom note onto its victims' encrypted systems. The actor's logo features a blue stylised termite integrated with circuit-like pathways.

Recommended  Measures To Prevent Ransomware Attacks:

  • Do not open untrusted links and email attachments without first verifying their authenticity.
  • Conduct regular backup practices and keep those backups offline or in a separate network.
  • Turn on the automatic software update feature on your computer, mobile, and other connected devices wherever possible and pragmatic.
  • Use a reputable antivirus and Internet security software package on your connected devices, including PC, laptop, and mobile. 

While Blue Yonder has acknowledged it is investigating Termite's claims, it has not so far said anything about ransom. 

Cyjax   |    Cyble   |   Infosecurity Magazine   |    Cyberscoop   |    Broadcom   |   @BlueYonder   |    ITPro   

Image: 

You Might Also Read: 

Medusa Ransomware Group: Delivering Sophisticated Attacks:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« The Corporate CISO Role Is Evolving 
The Challenges Of Middle Management In Email Cybersecurity »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ANS Group

ANS Group

ANS are a strong team of straight-talking tech and business experts. Our mission is to make digital transformation accessible to all.

Biscom

Biscom

Biscom offers solutions for secure file transfer, synchronization, file translation, and mobile devices, designed to deliver mission-critical reliability, streamline workflows and reduce costs.

TestingXperts

TestingXperts

TestingXperts is a specialist software QA and testing company.

Research Institute in Science of Cyber Security (RISCS)

Research Institute in Science of Cyber Security (RISCS)

RISCS is focused on giving organisations more evidence, to allow them to make better decisions, aiding to the development of cybersecurity as a science.

Australian Cyber Security Centre (ACSC)

Australian Cyber Security Centre (ACSC)

The Australian Cyber Security Centre (ACSC) brings cyber security capabilities from across the Australian Government together into a single location.

KayHut

KayHut

KayHut is a young, innovative company engaged in cyber research and security solutions.

DataArt

DataArt

DataArt is a global technology consultancy that designs, develops and supports unique software solutions. Areas of activity include software security testing.

FRSecure

FRSecure

FRSecure is a full-service information security management company that protects sensitive, confidential business information from unauthorized access, disclosure, distribution and destruction.

Quest Software

Quest Software

Simple IT management for a complex world. Whether it’s digital transformation, cloud expansion, security threats or something new, Quest helps you solve complex problems with simple solutions.

Bureau Veritas

Bureau Veritas

Bureau Veritas are a world leader in Testing, Inspection and Certification. We provide certification and training services in areas including cybersecurity and data protection.

SequelNet

SequelNet

SequelNet is an emerging MSP, providing 360° business IT solutions and consulting services.

Bastazo

Bastazo

Bastazo provides tools for vulnerability and patch management. Focus your cybersecurity operations on vulnerabilities with the highest risk of exploitation.

ClearSale (CLSA3)

ClearSale (CLSA3)

Clearsale’s innovative fraud solutions combine advanced technology with a passionate team of seasoned experts that understand every client’s unique needs.

SiyanoAV

SiyanoAV

SiyanoAV's range of antivirus products delivers strong protection against various cyber threats, including malware, ransomware, phishing schemes, and beyond.

DeepSurface Security

DeepSurface Security

DeepSurface is the first risk-based vulnerability management platform that allows cybersecurity teams to automate the process of analyzing and prioritizing vulnerabilities.

AZCOMP Technologies

AZCOMP Technologies

AZCOMP provide professional network security consulting services as well as network security auditing and assessments.