Code Injection

Termite ransomware breaches linked to ClickFix CastleRAT attacks

BleepingComputer · Bill Toulas3/7/2026, 4:14:32 PM
View Original Source

Summary

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor. [...]

Tags

#ransomware#backdoor#windows#malware

Metadata

Article ID
#300004
Source
BleepingComputer
Scraped At
3/7/2026, 6:00:58 PM
URL Hash
59a9b13a2747bfce…