Hackers Using Bumblebee Loader To Compromise Active Directory Services

By ISBuzz Team
Writer, Information Security Buzz | Aug 19, 2022 06:35 am PST

The malware loader known as Bumblebee is being increasingly co-opted by threat actors associated with BazarLoader, TrickBot, and IcedID in their campaigns to breach target networks for post-exploitation activities. “Bumblebee operators conduct intensive reconnaissance activities and redirect the output of executed commands to files for exfiltration,” Cybereason researchers Meroujan Antonyan and Alon Laufer said in a technical write-up. 

Rob Griffin, CEO
August 19, 2022 2:36 pm

As summer draws to a close, it’s a concern to learn that Bumblebee Loader is still buzzing around trying to sting people. Malware is a threat for all of us, and businesses need to watch out. Phishing is the weak link for malware to penetrate systems, so awareness training for employees re ‘clicking on the wrong link’ is vital. However, users will always make mistakes, so the use of phishing-resistant MFA across the business provides an all-important layer of security to prevent malware incursion and the leak of data and information. Bumblebee and other disruptive malware loaders can cause organisations huge cost and even complete failure, so they need to be avoided.
