highMalware & Threats
Velvet Tempest Links Termite Ransomware to ClickFix CastleRAT Campaign
Security researchers have linked Termite ransomware deployments to Velvet Tempest threat actors using the ClickFix social engineering technique. The campaign leverages legitimate Windows utilities and deploys DonutLoader malware along with the CastleRAT backdoor to establish persistence before ransomware execution.
BleepingComputer
termite-ransomwarevelvet-tempestclickfix