Bumblebee malware attacks are back after 4-month break
The Bumblebee malware has returned after a four-month vacation, targeting thousands of organizations in the United States in phishing campaigns.
Bumblebee is a malware loader discovered in April 2022 and is believed to have been developed by the Conti and Trickbot cybercrime syndicate as a replacement for the BazarLoader backdoor.
The malware is commonly distributed in phishing campaigns to drop additional payloads on infected devices, such as Cobalt Strike beacons, for initial network access and to conduct ransomware attacks.
The new campaign, observed by Proofpoint, marks the return of Bumblebee after an absence since October, which is significant because it could lead to a broader increase in cybercrime activity as we head into 2024.
The last notable development in the malware was in September 2023, when it employed a new distribution technique that abused 4shared WebDAV services to evade blocklists.
Notable cases include DarkGate and Pikabot, two highly capable malware loaders that now drive infections via multiple channels, including phishing, malvertising, and messages on Skype and Microsoft Teams.