| Category | Details |
|---|---|
| Threat Actors | Termite |
| Campaign Overview | Active ransomware group engaging in extortion methods such as blackmail, double extortion, and free data leaks. |
| Target Regions | United States, France, Oman, Germany, Canada |
| Methodology | Data broker ransomware using extortion to coerce payment; TOR-based communication for anonymity. |
| Product Targeted | Various industries including Manufacturing, Environmental Services, Oil & Gas, Healthcare, and Education. |
| Malware Reference | Termite |
| Tools Used | TOR for hosting extortion links and communication; ransomware payload to extract data for extortion. |
| Vulnerabilities Exploited | Details not specified; likely exploiting vulnerabilities to infiltrate diverse industry systems. |
| TTPs | Double extortion, blackmail, and public leaks of sensitive data; use of TOR for communication and data leaks. |
| Attribution | Termite group identified as responsible. |
| Recommendations | Strengthen cybersecurity defenses, monitor for suspicious TOR activity, establish robust incident response plans. |
| Source | WatchGuard |
Read full article: https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/termite
Disclaimer: The above summary has been generated by an AI language model.

