Security News > 2024 > February > Bumblebee malware attacks are back after 4-month break
The Bumblebee malware has returned after a four-month vacation, targeting thousands of organizations in the United States in phishing campaigns.
Bumblebee is a malware loader discovered in April 2022 and is believed to have been developed by the Conti and Trickbot cybercrime syndicate as a replacement for the BazarLoader backdoor.
The malware is commonly distributed in phishing campaigns to drop additional payloads on infected devices, such as Cobalt Strike beacons, for initial network access and to conduct ransomware attacks.
In a new malware campaign observed by Proofpoint, the return of Bumblebee since October is significant as it could lead to a broader increase in cybercrime activities as we head into 2024.
The last notable development in the malware was in September 2023, when the malware employed a new distribution technique relying on the abuse of 4shared WebDAV services to evade blocklists.
Notable cases include DarkGate and Pikabot, two highly capable malware loaders that now drive infections via multiple channels, including phishing, malvertising, and messages on Skype and Microsoft Teams.
News URL
Related news
- WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites (source)
- IPany VPN breached in supply-chain attack to push custom malware (source)
- MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks (source)
- Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations (source)