Termite Hacked Blue Yonder 

Termite is a previously unknown ransomware gang which has claimed responsibility for a recent cyber attack on the leading supply chain software company, Blue Yonder.

The original attack hit Blue Yonder customers in November, including the Starbucks coffee shop chain and UK grocery stores Sainsbury's and Morrisons.

According to reports, Starbucks was forced to pay staff manually, while Morrisons experienced problems with its warehouse management systems.

Now, Termite has used its Dark Web page to claim responsibility for several other large-scale attacks on organisations across different sectors, including government agencies, oil and gas and vehicle manufacturing, although not all of Termite's claims are confirmed.

In the exploit against Blue Yonder, Termite claims to have stolen 680GB of data, including more than 16,000 email lists that it plans to use for future attacks, and more than 200,000 insurance documents. Blue Yonder said it was working to restore systems, with some of the affected customers brought back online and others on the path to recovery. It has hardened its defensive and forensic protocols since the incident, the company revealed.

According to detailed analyses from both Cyjax and Cyble, Termite is using a modified version of Babuk ransomware, which encrypts targeted files and adds a .termite extension. It simultaneously delivers a ransom note onto its victims' encrypted systems. The actor's logo features a blue stylised termite integrated with circuit-like pathways.
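The reported behaviour (encrypted files gain a .termite suffix) lends itself to a simple detection heuristic. The following is an added example, not taken from the article or from the Cyjax or Cyble analyses: it flags hosts where several files are renamed with the appended extension inside a short window. The log format, host names, threshold and window are assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

EXT = ".termite"  # extension the article says is added to encrypted files

# Constructed sample events (not real telemetry): time|host|old path|new path
SAMPLE_EVENTS = r"""
2024-12-01T10:00:01|ws-01|C:\docs\q3.xlsx|C:\docs\q3.xlsx.termite
2024-12-01T10:00:02|ws-01|C:\docs\plan.docx|C:\docs\plan.docx.termite
2024-12-01T10:00:02|ws-02|C:\tmp\draft.txt|C:\tmp\final.txt
2024-12-01T10:00:04|ws-01|C:\docs\hr.pdf|C:\docs\hr.pdf.TERMITE
2024-12-01T10:00:05|ws-01|C:\docs\db.bak|C:\docs\db.bak.termite
2024-12-01T10:01:00|fs-01|D:\share\a.txt|D:\share\a.txt.termite
2024-12-01T10:09:00|fs-01|D:\share\b.txt|D:\share\b.txt.termite
""".strip().splitlines()


def parse_event(line):
    """Split one constructed log line into (timestamp, host, old, new)."""
    ts, host, old, new = line.split("|", 3)
    return datetime.fromisoformat(ts), host, old, new


def appends_extension(old, new):
    """True when the new name is the old name with EXT added (case-insensitive)."""
    return new.lower() == old.lower() + EXT


def find_bursts(lines, threshold=3, window=timedelta(seconds=60)):
    """Return {host: time of the rename that crossed the threshold}."""
    recent = defaultdict(deque)  # host -> timestamps of matching renames
    alerts = {}
    for ts, host, old, new in sorted(parse_event(l) for l in lines):
        if not appends_extension(old, new):
            continue
        q = recent[host]
        q.append(ts)
        while ts - q[0] > window:  # drop renames older than the window
            q.popleft()
        if len(q) >= threshold and host not in alerts:
            alerts[host] = ts
    return alerts


if __name__ == "__main__":
    for host, ts in find_bursts(SAMPLE_EVENTS).items():
        print(f"{host}: burst of {EXT} renames at {ts.isoformat()}")
```

A burst threshold keeps a single stray rename from raising an alert; tune it and the window to the file-event source actually in use.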

Recommended Measures To Prevent Ransomware Attacks:

  • Do not open untrusted links and email attachments without first verifying their authenticity.
  • Conduct regular backup practices and keep those backups offline or in a separate network.
  • Turn on the automatic software update feature on your computer, mobile, and other connected devices wherever possible and pragmatic.
  • Use a reputable antivirus and Internet security software package on your connected devices, including PC, laptop, and mobile. 

While Blue Yonder has acknowledged it is investigating Termite's claims, it has not so far said anything about ransom. 

Cyjax | Cyble | Infosecurity Magazine | Cyberscoop | Broadcom | @BlueYonder | ITPro
