Active ransomware operator
← All groupsTermite
48 victims indexed · first seen 2 years ago · last activity 1 month ago
At a glance
- Status
- active
- First seen
- 2 years ago
- Last activity
- 1 month ago
- Onion sites
- 3 known endpoints
- Primary sector
- Not Found · 9 hits
About
References
1 linkExternal sources curated by the MISP threat-intel community.
Timeline
14 monthsTop countries
Top sectors
MITRE ATT&CK
4 techniques · 3 tacticsTactics
Recent victims
Loading…
Onion infrastructure
3 known- http://termitelfvhutinrgpe55siktisskbqntkuq7ojidg42zh26avekq6qd.onion
- http://termitelfvhutinrgpe55siktisskbqntkuq7ojidg42zh26avekq6qd.onion/api/blog/blogs
- http://termiteuslbumdge2zmfmfcsrvmvsfe4gvyudc5j6cdnisnhtftvokid.onion
Source
Updated 1 month agoData on this page is sourced from the group's own leak posts, cross-checked with public ransomware trackers (RansomLook, ransomware.live, RansomWatch), MITRE ATT&CK, and our own Tor and Telegram crawlers. This is a public observatory page — share freely.
Get alerted the next time Termite posts a victim.
Add Termite to your watchlist — Pro pings you within 5 minutes of any new Termite leak-site post, Telegram callout, or affiliate-rebrand inference.

