-
Fake Zenmap. WinMRT sites target IT staff with Bumblebee malware
The Bumblebee malware SEO poisoning campaign uncovered earlier this week aimpersonating RVTools is using more typosquatting domainsi mimicking other popular open-source projects to infect devices used by IT staff.
- May 24, 2025
- 10:26 AM
0
-
Trojanized RVTools push Bumblebee malware in SEO poisoning campaign
The official website for the RVTools VMware management tool was taken offline in what appears to be a supply chain attack that distributed a trojanized installer to drop the Bumblebee malware loader on users' machines.
- May 20, 2025
- 10:39 AM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Bumblebee malware returns after recent law enforcement disruption
The Bumblebee malware loader has been spotted in new attacks recently, more than four months after Europol disrupted it during 'Operation Endgame' in May.
- October 21, 2024
- 11:45 AM
- 0
-
Police seize over 100 malware loader servers, arrest four cybercriminals
An international law enforcement operation codenamed 'Operation Endgame' has seized over 100 servers worldwide used by multiple major malware loader operations, including IcedID, Pikabot, Trickbot, Bumblebee, Smokeloader, and SystemBC.
- May 30, 2024
- 04:35 AM
- 1
-
Bumblebee malware attacks are back after 4-month break
The Bumblebee malware has returned after a four-month vacation, targeting thousands of organizations in the United States in phishing campaigns.
- February 13, 2024
- 10:41 AM
- 0
-
Bumblebee malware returns in new attacks abusing WebDAV folders
The malware loader 'Bumblebee' has broken its two-month vacation with a new campaign that employs new distribution techniques that abuse 4shared WebDAV services.
- September 18, 2023
- 12:47 PM
- 0
-
New PindOS JavaScript dropper deploys Bumblebee, IcedID malware
Security researchers discovered a new malicious tool they named PindOS that delivers the Bumblebee and IcedID malware typically associated with ransomware attacks.
- June 26, 2023
- 12:39 PM
- 0
-
Google ads push BumbleBee malware used by ransomware gangs
The enterprise-targeting Bumblebee malware is distributed through Google Ads and SEO poisoning that promote popular software like Zoom, Cisco AnyConnect, ChatGPT, and Citrix Workspace.
- April 22, 2023
- 10:08 AM
- 0
-
Bumblebee malware adds post-exploitation tool for stealthy infections
A new version of the Bumblebee malware loader has been spotted in the wild, featuring a new infection chain that uses the PowerSploit framework for stealthy reflective injection of a DLL payload into memory.
- September 08, 2022
- 04:51 PM
- 0
-
Malicious Windows 'LNK' attacks made easy with new Quantum builder
Malware researchers have noticed a new tool that helps cybercriminals build malicious .LNK files to deliver payloads for the initial stages of an attack.
- June 23, 2022
- 11:04 AM
- 0
-
InQuest Labs: Man + Machine vs Business Email Compromise (BEC)
Attackers only have to be right once while defenders need to be right 100% of the time. To help combat this asymmetric disadvantage, InQuest provides an open research portal that combines crowdsourced efforts with machine learning to combat the likes of Bumblebee and other BEC related threats.
- June 15, 2022
- 10:01 AM
- 0
-
New Bumblebee malware replaces Conti's BazarLoader in cyberattacks
A newly discovered malware loader called Bumblebee is likely the latest development of the Conti syndicate, designed to replace the BazarLoader backdoor used to deliver ransomware payloads.
- April 28, 2022
- 07:45 AM
- 0
