Termite

Ransomware Group Profile

Overview

Termite is a ransomware group first identified in late 2024 using a modified version of Babuk ransomware code; its most notable attack was the November 2024 breach of supply-chain software firm Blue Yonder, claiming 680 GB of exfiltrated data and disrupting major customers including Starbucks.

Dark Web Infrastructure (5)
termiteuslbumdge2zmfmfcsrvmvsfe4gvyudc5j6cdnisnhtftvokid.onion
pqw3hepvky2pgyyv6dupvx47cm2gxzwop6dfei3i67dj76tdj6alplqd.onion
4xklh64cl2lymm6n5xywinfq4wlchgugvv5a77pm3pta34svnohwl2id.onion
wc4mc3oupskb2c3q4ba6tlf6tq5mdfoevsgfcotbnbsr4tbqoaomftid.onion
y4bdg56uaznmbptf7dgp5xn3sjyyh4qodqjrsbziqatnyapmiqqctgid.onion
Associated Threat Actors (1)
Whitefly, Mofang
Activity Timeline
First Seen2024
Last Seen2026
Leak Sites5
Quick Actions
View All GroupsThreat Actors
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001