The malware loader known as Bumblebee is being increasingly co-opted by threat actors associated with BazarLoader, TrickBot, and IcedID in their campaigns to breach target networks for post-exploitation activities. “Bumblebee operators conduct intensive reconnaissance activities and redirect the output of executed commands to files for exfiltration,” Cybereason researchers Meroujan Antonyan and Alon Laufer said in a technical write-up.

As summer draws to a close, it’s a concern to learn that Bumblebee Loader is still buzzing around trying to sting people. Malware is a threat for all of us, and businesses need to watch out. Phishing is the weak link through which malware penetrates systems, so awareness training for employees about ‘clicking on the wrong link’ is vital. However, users will always make mistakes, so the use of phishing-resistant MFA across the business provides an all-important layer of security to prevent malware incursion and the leak of data and information. Bumblebee and other disruptive malware loaders can cause organisations huge cost and even complete failure, so they need to be avoided.