Hackers Deploy Bumblebee Loader to Breach Target Networks

Threat actors associated with the IcedID, TrickBot, and BazarLoader malware families are increasingly turning to the Bumblebee loader to breach target networks, researchers say. The network breaches are followed by post-exploitation activities that aim to collect sensitive information. On Thursday, Cybereason published an advisory about Bumblebee detailing the nature of the tool and the way in which it is used. Cybereason stated that it observed threat actors who frequently use other malware transitioning to Bumblebee.

The majority of Bumblebee infections documented by Cybereason start with end users executing LNK files. These files use a system binary to load the malware onto the victim’s machine. The malware operators then conduct reconnaissance activities and begin executing commands to exfiltrate files. Cybereason stated that the attacks are very aggressive, and therefore organizations and individuals should treat Bumblebee as a critical threat.

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.