www.techrepublic.com
Open in
urlscan Pro
151.101.130.132
Public Scan
URL:
https://www.techrepublic.com/article/new-bumblebee-malware-loader-increasingly-adopted-by-cyber-threat-groups/
Submission: On August 19 via api from DE — Scanned from DE
Submission: On August 19 via api from DE — Scanned from DE
Form analysis
8 forms found in the DOM/search/
<form action="/search/" class="search-bar">
<label id="label-nav-site-search" for="nav-site-search"> Search </label>
<input type="search" autocomplete="off" name="q" id="nav-site-search" value="" placeholder="What are you looking for?" required="">
<button type="submit" disabled="disabled">
<svg role="img" aria-labelledby="label-nav-site-search">
<use href="#smart-search-icon"></use>
</svg>
</button>
</form>
POST https://www.techrepublic.com/article/new-bumblebee-malware-loader-increasingly-adopted-by-cyber-threat-groups/
<form method="POST" action="https://www.techrepublic.com/article/new-bumblebee-malware-loader-increasingly-adopted-by-cyber-threat-groups/">
<input type="email" class="read-write" aria-label="Enter your email" name="join-signin-email" placeholder="Enter your email" autofocus="" required="">
<input type="submit" value="Continue" class="btn-trigger">
</form>
POST https://www.techrepublic.com/article/new-bumblebee-malware-loader-increasingly-adopted-by-cyber-threat-groups/?tr-login=1
<form method="POST" action="https://www.techrepublic.com/article/new-bumblebee-malware-loader-increasingly-adopted-by-cyber-threat-groups/?tr-login=1">
<input type="hidden" name="redirect_to" value="https://www.techrepublic.com/article/new-bumblebee-malware-loader-increasingly-adopted-by-cyber-threat-groups/">
<input type="email" name="join-signin-email" value="" readonly="" required="" class="readonly">
<input type="password" name="signin-pw" aria-label="Enter your password" placeholder="Enter your password" autofocus="" required="" class="read-write">
<input id="submit-login" type="submit" value="Continue" class="btn-trigger">
</form>
POST
<form method="POST" id="forgot-pw">
<input type="hidden" name="forgot-pw" value="1">
<input type="hidden" name="join-signin-email" value="">
<input type="submit" value="Forgot password" class="forgot-pw">
</form>
POST https://www.techrepublic.com/article/new-bumblebee-malware-loader-increasingly-adopted-by-cyber-threat-groups/?tr-login=1
<form action="https://www.techrepublic.com/article/new-bumblebee-malware-loader-increasingly-adopted-by-cyber-threat-groups/?tr-login=1" method="post">
<input type="hidden" name="redirect_to" value="https://www.techrepublic.com/article/new-bumblebee-malware-loader-increasingly-adopted-by-cyber-threat-groups/">
<input type="email" name="join-signin-email" value="" class="readonly" readonly="" required="">
<input type="text" class="read-write" aria-label="Enter a username" name="username" value="" placeholder="Enter a unique username" required="">
<input type="password" name="join-pw" class="read-write" autofocus="" aria-label="Choose a password" placeholder="Choose a password" required="">
<select id="country" name="country" class="readonly" required="">
<option value="NOTSELECTED">Country</option>
<option value="US"> United States </option>
<option value="AF"> Afghanistan </option>
<option value="AX"> Aland Islands </option>
<option value="AL"> Albania </option>
<option value="DZ"> Algeria </option>
<option value="AS"> American Samoa </option>
<option value="AD"> Andorra </option>
<option value="AO"> Angola </option>
<option value="AI"> Anguilla </option>
<option value="AQ"> Antarctica </option>
<option value="AG"> Antigua And Barbuda </option>
<option value="AR"> Argentina </option>
<option value="AM"> Armenia </option>
<option value="AW"> Aruba </option>
<option value="AU"> Australia </option>
<option value="AT"> Austria </option>
<option value="AZ"> Azerbaijan </option>
<option value="BS"> Bahamas </option>
<option value="BH"> Bahrain </option>
<option value="BD"> Bangladesh </option>
<option value="BB"> Barbados </option>
<option value="BY"> Belarus </option>
<option value="BE"> Belgium </option>
<option value="BZ"> Belize </option>
<option value="BJ"> Benin </option>
<option value="BM"> Bermuda </option>
<option value="BT"> Bhutan </option>
<option value="BO"> Bolivia </option>
<option value="BA"> Bosnia and Herzegovina </option>
<option value="BW"> Botswana </option>
<option value="BV"> Bouvet Island </option>
<option value="BR"> Brazil </option>
<option value="IO"> British Indian Ocean Territory </option>
<option value="BN"> Brunei Darussalam </option>
<option value="BG"> Bulgaria </option>
<option value="BF"> Burkina Faso </option>
<option value="BI"> Burundi </option>
<option value="KH"> Cambodia </option>
<option value="CM"> Cameroon </option>
<option value="CA"> Canada </option>
<option value="CV"> Cape Verde </option>
<option value="BQ"> Caribbean Netherlands </option>
<option value="KY"> Cayman Islands </option>
<option value="CF"> Central African Republic </option>
<option value="TD"> Chad </option>
<option value="CL"> Chile </option>
<option value="CN"> China </option>
<option value="CX"> Christmas Island </option>
<option value="CC"> Cocos (Keeling) Islands </option>
<option value="CO"> Colombia </option>
<option value="KM"> Comoros </option>
<option value="CG"> Congo </option>
<option value="CD"> Congo, DROC </option>
<option value="CK"> Cook Islands </option>
<option value="CR"> Costa Rica </option>
<option value="CI"> Cote D'ivoire </option>
<option value="HR"> Croatia </option>
<option value="CU"> Cuba </option>
<option value="CW"> Curazao </option>
<option value="CY"> Cyprus </option>
<option value="CZ"> Czech Republic </option>
<option value="DK"> Denmark </option>
<option value="DJ"> Djibouti </option>
<option value="DM"> Dominica </option>
<option value="DO"> Dominican Republic </option>
<option value="TL"> East Timor </option>
<option value="EC"> Ecuador </option>
<option value="EG"> Egypt </option>
<option value="SV"> El Salvador </option>
<option value="GQ"> Equatorial Guinea </option>
<option value="ER"> Eritrea </option>
<option value="EE"> Estonia </option>
<option value="ET"> Ethiopia </option>
<option value="FK"> Falkland Islands (Malvinas) </option>
<option value="FO"> Faroe Islands </option>
<option value="FJ"> Fiji </option>
<option value="FI"> Finland </option>
<option value="FR"> France </option>
<option value="GF"> French Guiana </option>
<option value="PF"> French Polynesia </option>
<option value="TF"> French Southern Territories </option>
<option value="GA"> Gabon </option>
<option value="GM"> Gambia </option>
<option value="GE"> Georgia </option>
<option value="DE"> Germany </option>
<option value="GH"> Ghana </option>
<option value="GI"> Gibraltar </option>
<option value="GR"> Greece </option>
<option value="GL"> Greenland </option>
<option value="GD"> Grenada </option>
<option value="GP"> Guadeloupe </option>
<option value="GU"> Guam </option>
<option value="GT"> Guatemala </option>
<option value="GG"> Guernsey </option>
<option value="GN"> Guinea </option>
<option value="GW"> Guinea-Bissau </option>
<option value="GY"> Guyana </option>
<option value="HT"> Haiti </option>
<option value="HM"> Heard And Mc Donald Islands </option>
<option value="VA"> Holy See (Vatican City State) </option>
<option value="HN"> Honduras </option>
<option value="HK"> Hong Kong </option>
<option value="HU"> Hungary </option>
<option value="IS"> Iceland </option>
<option value="IN"> India </option>
<option value="ID"> Indonesia </option>
<option value="IR"> Iran (Islamic Republic Of) </option>
<option value="IQ"> Iraq </option>
<option value="IE"> Ireland </option>
<option value="IM"> Isle of Man </option>
<option value="IL"> Israel </option>
<option value="IT"> Italy </option>
<option value="JM"> Jamaica </option>
<option value="JP"> Japan </option>
<option value="JE"> Jersey </option>
<option value="JO"> Jordan </option>
<option value="KZ"> Kazakhstan </option>
<option value="KE"> Kenya </option>
<option value="KI"> Kiribati </option>
<option value="KW"> Kuwait </option>
<option value="KR"> Korea, Republic Of </option>
<option value="XK"> Kosovo </option>
<option value="KG"> Kyrgyzstan </option>
<option value="LA"> Lao People's Democratic Republic </option>
<option value="LV"> Latvia </option>
<option value="KP"> Korea, Democratic People's Republic of </option>
<option value="LB"> Lebanon </option>
<option value="LS"> Lesotho </option>
<option value="LR"> Liberia </option>
<option value="LY"> Libyan Arab Jamahiriya </option>
<option value="LI"> Liechtenstein </option>
<option value="LT"> Lithuania </option>
<option value="LU"> Luxembourg </option>
<option value="MO"> Macau </option>
<option value="MK"> Macedonia </option>
<option value="MG"> Madagascar </option>
<option value="MW"> Malawi </option>
<option value="MY"> Malaysia </option>
<option value="MV"> Maldives </option>
<option value="ML"> Mali </option>
<option value="MT"> Malta </option>
<option value="MH"> Marshall Islands </option>
<option value="MQ"> Martinique </option>
<option value="MR"> Mauritania </option>
<option value="MU"> Mauritius </option>
<option value="YT"> Mayotte </option>
<option value="MX"> Mexico </option>
<option value="FM"> Micronesia, Federated States of </option>
<option value="MD"> Moldova, Republic Of </option>
<option value="MC"> Monaco </option>
<option value="MN"> Mongolia </option>
<option value="ME"> Montenegro </option>
<option value="MS"> Montserrat </option>
<option value="MA"> Morocco </option>
<option value="MZ"> Mozambique </option>
<option value="MM"> Myanmar </option>
<option value="NA"> Namibia </option>
<option value="NR"> Nauru </option>
<option value="NP"> Nepal </option>
<option value="NL"> Netherlands </option>
<option value="AN"> Netherlands Antilles </option>
<option value="NC"> New Caledonia </option>
<option value="NZ"> New Zealand </option>
<option value="NI"> Nicaragua </option>
<option value="NE"> Niger </option>
<option value="NG"> Nigeria </option>
<option value="NU"> Niue </option>
<option value="NF"> Norfolk Island </option>
<option value="MP"> Northern Mariana Islands </option>
<option value="NO"> Norway </option>
<option value="OM"> Oman </option>
<option value="PK"> Pakistan </option>
<option value="PW"> Palau </option>
<option value="PS"> Palestinian Territory, Occupied </option>
<option value="PA"> Panama </option>
<option value="PG"> Papua New Guinea </option>
<option value="PY"> Paraguay </option>
<option value="PE"> Peru </option>
<option value="PH"> Philippines </option>
<option value="PN"> Pitcairn </option>
<option value="PL"> Poland </option>
<option value="PT"> Portugal </option>
<option value="PR"> Puerto Rico </option>
<option value="QA"> Qatar </option>
<option value="RE"> Reunion </option>
<option value="RO"> Romania </option>
<option value="RU"> Russia </option>
<option value="RW"> Rwanda </option>
<option value="GS"> S. Georgia And S. Sandwich Isles </option>
<option value="BL"> Saint Barthelemy </option>
<option value="KN"> Saint Kitts And Nevis </option>
<option value="LC"> Saint Lucia </option>
<option value="MF"> Saint Martin </option>
<option value="VC"> Saint Vincent And The Grenadines </option>
<option value="WS"> Samoa </option>
<option value="SM"> San Marino </option>
<option value="ST"> Sao Tome And Principe </option>
<option value="SA"> Saudi Arabia </option>
<option value="SN"> Senegal </option>
<option value="RS"> Serbia </option>
<option value="CS"> Serbia and Montenegro </option>
<option value="SC"> Seychelles </option>
<option value="SL"> Sierra Leone </option>
<option value="SG"> Singapore </option>
<option value="SX"> Sint Maarten </option>
<option value="SK"> Slovakia </option>
<option value="SI"> Slovenia </option>
<option value="SB"> Solomon Islands </option>
<option value="SO"> Somalia </option>
<option value="ZA"> South Africa </option>
<option value="SS"> South Sudan </option>
<option value="ES"> Spain </option>
<option value="LK"> Sri Lanka </option>
<option value="SH"> St. Helena </option>
<option value="PM"> St. Pierre And Miquelon </option>
<option value="SD"> Sudan </option>
<option value="SR"> Suriname </option>
<option value="SJ"> Svalbard And Jan Mayen Islands </option>
<option value="SZ"> Swaziland </option>
<option value="SE"> Sweden </option>
<option value="CH"> Switzerland </option>
<option value="SY"> Syrian Arab Republic </option>
<option value="TW"> Taiwan </option>
<option value="TJ"> Tajikistan </option>
<option value="TZ"> Tanzania, United Republic Of </option>
<option value="TH"> Thailand </option>
<option value="TG"> Togo </option>
<option value="TK"> Tokelau </option>
<option value="TO"> Tonga </option>
<option value="TT"> Trinidad And Tobago </option>
<option value="TN"> Tunisia </option>
<option value="TR"> Turkey </option>
<option value="TM"> Turkmenistan </option>
<option value="TC"> Turks And Caicos Islands </option>
<option value="TV"> Tuvalu </option>
<option value="UM"> U.S. Minor Outlying Islands </option>
<option value="UG"> Uganda </option>
<option value="UA"> Ukraine </option>
<option value="AE"> United Arab Emirates </option>
<option value="GB"> United Kingdom </option>
<option value="UY"> Uruguay </option>
<option value="UZ"> Uzbekistan </option>
<option value="VU"> Vanuatu </option>
<option value="VE"> Venezuela </option>
<option value="VN"> Viet Nam </option>
<option value="VG"> Virgin Islands (British) </option>
<option value="VI"> Virgin Islands (U.S.) </option>
<option value="WF"> Wallis And Futuna Islands </option>
<option value="EH"> Western Sahara </option>
<option value="YE"> Yemen </option>
<option value="YU"> Yugoslavia </option>
<option value="ZM"> Zambia </option>
<option value="ZW"> Zimbabwe </option>
</select>
<label for="tos">
<input type="checkbox" name="tos" id="tos" required="">
<span class="terms-of-service">
<p>By registering, you agree to the <a href=" https://technologyadvice.com/terms-conditions/" target="_blank">Terms of Use</a> and acknowledge the data practices outlined in the
<a href="https://technologyadvice.com/privacy-policy/" target="_blank">Privacy Policy</a>.</p>
<p>You will also receive a complimentary subscription to TechRepublic's News and Special Offers newsletter and the Top Story of the Day newsletter. You may unsubscribe from these newsletters at any time.</p>
</span>
</label>
<input id="submit-join" type="submit" value="Continue" class="btn-trigger">
</form>
POST
<form class="share-email-form" method="post">
<input type="hidden" name="share-email-title" value="New Bumblebee malware loader increasingly adopted by cyber threat groups">
<input type="hidden" name="share-email-url" value="https://www.techrepublic.com/article/new-bumblebee-malware-loader-increasingly-adopted-by-cyber-threat-groups/">
<input type="email" name="from-email" class="read-write" placeholder="Your Email" required="">
<input type="email" name="to-email" class="read-write" placeholder="Recipient Email" required="">
<textarea name="msg" class="readonly">Check out this article I found on TechRepublic.</textarea>
<input type="submit" value="Submit">
<p class="response-msg">Your email has been sent</p>
</form>
POST
<form class="share-email-form" method="post">
<input type="hidden" name="share-email-title" value="New Bumblebee malware loader increasingly adopted by cyber threat groups">
<input type="hidden" name="share-email-url" value="https://www.techrepublic.com/article/new-bumblebee-malware-loader-increasingly-adopted-by-cyber-threat-groups/">
<input type="email" name="from-email" class="read-write" placeholder="Your Email" required="">
<input type="email" name="to-email" class="read-write" placeholder="Recipient Email" required="">
<textarea name="msg" class="readonly">Check out this article I found on TechRepublic.</textarea>
<input type="submit" value="Submit">
<p class="response-msg">Your email has been sent</p>
</form>
POST
<form class="email-author-form" method="post">
<input type="hidden" name="author_id" value="37114931">
<input type="text" name="from-name" class="read-write" placeholder="Your Name" required="">
<input type="email" name="from-email" class="read-write" placeholder="Your Email" required="">
<input type="text" name="subject" class="read-write" placeholder="Subject" required="">
<textarea name="msg" placeholder="Message" required="" class="read-write"></textarea>
<input type="submit" value="Send Message">
<p class="response-msg">Your message has been sent</p>
</form>
Text Content
WE VALUE YOUR PRIVACY We and our partners store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning. You may click to consent to our and our partners’ processing as described above. Alternatively you may access more detailed information and change your preferences before consenting or to refuse consenting. Please note that some processing of your personal data may not require your consent, but you have a right to object to such processing. Your preferences will apply to this website only. You can change your preferences at any time by returning to this site or visit our privacy policy. MORE OPTIONSAGREE Skip to content TECHREPUBLIC Search Close Search * Top Products Lists * Developer * 5G * Security * Cloud * Artificial Intelligence * Tech & Work * Mobility * Big Data * Innovation * Cheat Sheets * TechRepublic Academy * CES Toggle TechRepublic mobile menu More * TechRepublic Premium * Top Products Lists * Developer * 5G * Security * Cloud * Artificial Intelligence * Tech & Work * Mobility * Big Data * Innovation * Cheat Sheets * TechRepublic Academy * CES * See All Topics * Sponsored * Newsletters * Forums * Resource Library TechRepublic Premium Join / Sign In ACCOUNT INFORMATION TechRepublic close modal JOIN OR SIGN IN Register for your free TechRepublic membership or if you are already a member, sign in using your preferred method below. Use Your Email Use Facebook Use Linkedin JOIN OR SIGN IN We recently updated our Terms and Conditions for TechRepublic Premium. By clicking continue, you agree to these updated terms. WELCOME BACK! Invalid email/username and password combination supplied. RESET PASSWORD An email has been sent to you with instructions on how to reset your password. Back to TechRepublic WELCOME TO TECHREPUBLIC! Country United States Afghanistan Aland Islands Albania Algeria American Samoa Andorra Angola Anguilla Antarctica Antigua And Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bosnia and Herzegovina Botswana Bouvet Island Brazil British Indian Ocean Territory Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Caribbean Netherlands Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos (Keeling) Islands Colombia Comoros Congo Congo, DROC Cook Islands Costa Rica Cote D'ivoire Croatia Cuba Curazao Cyprus Czech Republic Denmark Djibouti Dominica Dominican Republic East Timor Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland Islands (Malvinas) Faroe Islands Fiji Finland France French Guiana French Polynesia French Southern Territories Gabon Gambia Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guernsey Guinea Guinea-Bissau Guyana Haiti Heard And Mc Donald Islands Holy See (Vatican City State) Honduras Hong Kong Hungary Iceland India Indonesia Iran (Islamic Republic Of) Iraq Ireland Isle of Man Israel Italy Jamaica Japan Jersey Jordan Kazakhstan Kenya Kiribati Kuwait Korea, Republic Of Kosovo Kyrgyzstan Lao People's Democratic Republic Latvia Korea, Democratic People's Republic of Lebanon Lesotho Liberia Libyan Arab Jamahiriya Liechtenstein Lithuania Luxembourg Macau Macedonia Madagascar Malawi Malaysia Maldives Mali Malta Marshall Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia, Federated States of Moldova, Republic Of Monaco Mongolia Montenegro Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands Netherlands Antilles New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island Northern Mariana Islands Norway Oman Pakistan Palau Palestinian Territory, Occupied Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Reunion Romania Russia Rwanda S. Georgia And S. Sandwich Isles Saint Barthelemy Saint Kitts And Nevis Saint Lucia Saint Martin Saint Vincent And The Grenadines Samoa San Marino Sao Tome And Principe Saudi Arabia Senegal Serbia Serbia and Montenegro Seychelles Sierra Leone Singapore Sint Maarten Slovakia Slovenia Solomon Islands Somalia South Africa South Sudan Spain Sri Lanka St. Helena St. Pierre And Miquelon Sudan Suriname Svalbard And Jan Mayen Islands Swaziland Sweden Switzerland Syrian Arab Republic Taiwan Tajikistan Tanzania, United Republic Of Thailand Togo Tokelau Tonga Trinidad And Tobago Tunisia Turkey Turkmenistan Turks And Caicos Islands Tuvalu U.S. Minor Outlying Islands Uganda Ukraine United Arab Emirates United Kingdom Uruguay Uzbekistan Vanuatu Venezuela Viet Nam Virgin Islands (British) Virgin Islands (U.S.) Wallis And Futuna Islands Western Sahara Yemen Yugoslavia Zambia Zimbabwe By registering, you agree to the Terms of Use and acknowledge the data practices outlined in the Privacy Policy. You will also receive a complimentary subscription to TechRepublic's News and Special Offers newsletter and the Top Story of the Day newsletter. You may unsubscribe from these newsletters at any time. All fields are required. Username must be unique. Password must be a minimum of 6 characters and have any 3 of the 4 items: a number (0 through 9), a special character (such as !, $, #, %), an uppercase character (A through Z) or a lowercase (a through z) character (no spaces). Loading ACCOUNT INFORMATION TechRepublic close modal Image: iStockphoto/solarseven NEW BUMBLEBEE MALWARE LOADER INCREASINGLY ADOPTED BY CYBER THREAT GROUPS * * * * ACCOUNT INFORMATION TechRepublic close modal SHARE WITH YOUR FRIENDS New Bumblebee malware loader increasingly adopted by cyber threat groups Check out this article I found on TechRepublic. Your email has been sent by Brian Stone in Security on June 28, 2022, 3:00 AM PDT NEW BUMBLEBEE MALWARE LOADER INCREASINGLY ADOPTED BY CYBER THREAT GROUPS Conti, Quantum and Mountlocker were all linked to having used the new piece of software to inject systems with ransomware. Image: iStockphoto/solarseven A recently uncovered malware loader called Bumblebee has been found to be connected to a number of prominent ransomware groups and has been a key component of many cyberattacks. New findings by the Symantec Threat Hunter Team, part of Broadcom Software, discovered that the tool has links to threat groups such as Conti, Quantum and Mountlocker, per the team’s blog entry. According to Symantec’s Threat Hunter Team, the Bumblebee loader may have been used as a replacement for Trickbot and BazarLoader, due to the overlap in recent activity involving Bumblebee and older attacks linked to these loaders. “[Bumblebee] appears to have replaced a number of older loaders, which suggests that it is the work of established actors and that the transition to Bumblebee was pre-planned,” the team wrote in its blog post. HOW THE BUMBLEBEE LOADER BECOMES A THREAT MUST-READ SECURITY COVERAGE * 85% of Android users are concerned about privacy * Almost 2,000 data breaches reported for the first half of 2022 * In security, there is no average behavior * How to secure your email via encryption, password management and more (TechRepublic Premium) One particular attack singled out by the team stemming from Quantum ransomware detailed how the Bumblebee loader is put into practice. The initial infection came through use of a spear-phishing email, which had an attachment of an ISO file. The malicious file in question was equipped with a Bumblebee DLL file and a LNK file, which then loaded the Bumblebee file using rundll32.exe. The Bumblebee loader allegedly then contacted a command-and-control server according to the team, and created a duplicate file within the %APPDATA% folder with a randomized name. In conjunction with this, a VBS file was also created within the same location. Then, the loader organized a scheduled task to run the VBS file every 15 minutes. After a few hours had passed, the loader dropped a Cobalt Strike payload. This action led to two additional points: One being that Metasploit DLL was injected into a legitimate Windows process and the second coming from an AdFind tool to collect system information such as domain users and group permissions for the system. After this task was completed, the Quantum ransomware was unloaded by Bumblebee, allowing the ransomware group to encrypt files of the targeted system. Once in the system, Quantum then was able to scrape the system for user information using Windows Management Instrumentation. The ransomware payload also disabled any processes related to malware identification. SEE: Mobile device security policy (TechRepublic Premium) BUMBLEBEE’S CONNECTION TO PREVIOUS ATTACKS Due to Bumblebee’s use of the tools formerly mentioned, it is believed by the Threat Hunter Team that there is a connection between the new loader and ones used previously by cybercriminal groups. One such link comes from the use of AdFind, a publicly available tool for querying Active Directory and having been used by other adversaries in the past. The deployment of an ISO file with the intent to infect a system was also the initial infection point for victims in previous attacks, dating back as far as June of 2021 and used by threat groups Ryuk and Conti. Another link comes from the use of a batch script known as adf.bat. The batch script has been tied to cyberattacks going back to November 2021, along with the use of the AdFind tool in these attacks. In that case, the loader was determined to be BazarLoader. Many of the attacks being investigated by the Threat Hunter Team also found the use of legitimate software tools within the attacks themselves. For organizations employing remote desktop tools this can cause major issues, having been linked to a number of ransomware deployments and data exfiltration purposes. Symantec’s team recommends that users and enterprises be on the lookout for this new malware loader and the capabilities it possesses. CYBERSECURITY INSIDER NEWSLETTER Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered Tuesdays and Thursdays Sign up today Brian Stone Published: June 28, 2022, 3:00 AM PDT Modified: June 28, 2022, 6:13 AM PDT See more Security ALSO SEE * How to become a cybersecurity pro: A cheat sheet (TechRepublic) * EDR Software: Choosing the Best EDR Tools for Your Business (TechRepublic) * NIST Cybersecurity Framework: A cheat sheet for professionals (free PDF) (TechRepublic) * Cybersecurity and cyberwar: More must-read coverage (TechRepublic on Flipboard) WHITE PAPERS, WEBCASTS, AND DOWNLOADS THE 2022 COMPLETE LINUX PROGRAMMING CERTIFICATION BUNDLE Training from TechRepublic Academy Get It Today THE LINUX & DOCKER CODING BUNDLE Training from TechRepublic Academy Learn More LIFETIME LICENSE: MICROSOFT OFFICE PROFESSIONAL FOR MAC Downloads from TechRepublic Academy Download Now RASPBERRY PI & ARDUINO DEVELOPER BUNDLE Training from TechRepublic Academy Read More LIFETIME LICENSE: MICROSOFT OFFICE PROFESSIONAL FOR WINDOWS Downloads from TechRepublic Academy Download Now * * * * ACCOUNT INFORMATION TechRepublic close modal SHARE WITH YOUR FRIENDS New Bumblebee malware loader increasingly adopted by cyber threat groups Check out this article I found on TechRepublic. Your email has been sent Share: New Bumblebee malware loader increasingly adopted by cyber threat groups By Brian Stone Brian is an award-winning journalist covering technology and the news behind it, having written for both print and online outlets in his previous stops as a writer. * * ACCOUNT INFORMATION TechRepublic close modal CONTACT BRIAN STONE Your message has been sent * | * See all of Brian's content * Security EDITOR'S PICKS * Image: Rawpixel/Adobe Stock TechRepublic Premium TECHREPUBLIC PREMIUM EDITORIAL CALENDAR: IT POLICIES, CHECKLISTS, TOOLKITS, AND RESEARCH FOR DOWNLOAD TechRepublic Premium content helps you solve your toughest IT issues and jump-start your career or next project. TechRepublic Staff Published: August 5, 2022, 9:30 AM PDT Modified: August 6, 2022, 7:23 PM PDT Read More See more TechRepublic Premium * Image: Adobe Stock Innovation GARTNER IDENTIFIES 25 EMERGING TECHNOLOGIES IN ITS 2022 HYPE CYCLE The technologies could enable immersive experiences, accelerated AI automation and optimized technologist delivery in the next two to 10 years, according to the firm. Esther Shein Published: August 9, 2022, 8:56 AM PDT Modified: August 9, 2022, 8:56 AM PDT Read More See more Innovation * Image: BillionPhotos.com/Adobe Stock CXO TOP 10 ERP VENDORS 2022 Are you an IT manager or executive trying to make the case for a new ERP vendor? Compare the top ERP software solutions with our list today. Brenna Miles Published: July 26, 2022, 8:30 AM PDT Modified: July 30, 2022, 3:15 AM PDT Read More See more CXO * Image: Apple. At WWDC 2022, Apple announced the planned release of the next version of its Mac operating system, macOS Ventura, for the fall of 2022. Software MACOS 13 VENTURA CHEAT SHEET: COMPLETE GUIDE FOR 2022 Learn about the new features available with macOS 13 and how to download and install the latest version of Apple’s flagship operating system. Erik Eckel Published: July 12, 2022, 12:26 PM PDT Modified: July 12, 2022, 2:38 PM PDT Read More See more Software * Image: elenabsl/Adobe Stock Software TOP TECHREPUBLIC ACADEMY TRAINING COURSES AND SOFTWARE OFFERINGS OF 2022 Get great deals on developer and Linux training courses, Microsoft Office licenses and more through these TechRepublic Academy offerings. Brenna Miles Published: July 15, 2022, 8:15 AM PDT Modified: July 15, 2022, 8:15 AM PDT Read More See more Software * Image: iStock/phototechno Cloud MULTICLOUD EXPLAINED: A CHEAT SHEET This comprehensive guide covers the use of services from multiple cloud vendors, including the benefits businesses gain and the challenges IT teams face when using multicloud. Matt Asay Published: August 10, 2022, 12:33 PM PDT Modified: August 16, 2022, 7:07 AM PDT Read More See more Cloud TECHREPUBLIC PREMIUM * TechRepublic Premium HOW TO RECRUIT AND HIRE A SCRUM MASTER Recruiting a Scrum Master with the right combination of technical expertise and experience will require a comprehensive screening process. This hiring kit provides a customizable framework your business can use to find, recruit and ultimately hire the right person for the job. This hiring kit from TechRepublic Premium includes a job description, sample interview questions ... Downloads Published: August 5, 2022, 5:00 PM PDT Modified: August 7, 2022, 4:00 AM PDT Read More See more TechRepublic Premium * TechRepublic Premium WEB 3.0 QUICK GLOSSARY Knowing the terminology associated with Web 3.0 is going to be vital to every IT administrator, developer, network engineer, manager and decision maker in business. This quick glossary will introduce and explain concepts and terms vital to understanding Web 3.0 and the technology that drives and supports it. Downloads Published: August 4, 2022, 5:00 PM PDT Modified: August 7, 2022, 1:00 AM PDT Read More See more TechRepublic Premium * TechRepublic Premium HOW TO RECRUIT AND HIRE A USER EXPERIENCE DESIGNER While the perfect color palette or the most sublime button shading or myriad of other design features play an important role in any product’s success, user interface design is not enough. Customer engagement and retention requires a strategic plan that attempts to measure, quantify and ultimately create a complete satisfying user experience on both an ... Published: August 4, 2022, 5:00 PM PDT Modified: August 7, 2022, 3:00 AM PDT Read More See more TechRepublic Premium * TechRepublic Premium INDUSTRIAL INTERNET OF THINGS: SOFTWARE COMPARISON TOOL IIoT software assists manufacturers and other industrial operations with configuring, managing and monitoring connected devices. A good IoT solution requires capabilities ranging from designing and delivering connected products to collecting and analyzing system data once in the field. Each IIoT use case has its own diverse set of requirements, but there are key capabilities and ... Downloads Published: May 26, 2022, 5:00 PM PDT Modified: May 28, 2022, 8:00 AM PDT Read More See more TechRepublic Premium SERVICES * About Us * Newsletters * RSS Feeds * Site Map * Site Help & Feedback * FAQ * Advertise * Do Not Sell My Information EXPLORE * Downloads * TechRepublic Forums * Meet the Team * TechRepublic Academy * TechRepublic Premium * Resource Library * Photos * Videos * TechRepublic * TechRepublic on Twitter * TechRepublic on Facebook * TechRepublic on LinkedIn * TechRepublic on Flipboard © 2022 TechnologyAdvice. All rights reserved. * Privacy Policy * Terms of Use * Property of TechnologyAdvice