Bumblebee Being Distributed in Korea Through Email Hijacking

From asec.ahnlab.com

The ASEC analysis team has recently discovered the active distribution of Bumblebee, a downloader-type malware. It is distributed through phishing emails as an ISO file, which contains a shortcut file and a malicious DLL file. There were also cases of the malware being distributed to Korean users through email hijacking.
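
A triage check for the attachment layout described above, as an added example (not ASEC's code): it lists the root directory of an ISO 9660 image and flags one that holds both a shortcut and a DLL. It assumes only the primary volume descriptor is read (no Joliet or UDF), and the sample image and its file names are constructed.

```python
import struct

SECTOR = 2048  # ISO 9660 logical sector size

def dir_record(name, lba, size, flags):
    """Build one ISO 9660 directory record (used only for the constructed sample)."""
    rec = bytearray(33 + len(name) + (1 - len(name) % 2))  # padded to even length
    rec[0], rec[25], rec[32] = len(rec), flags, len(name)
    struct.pack_into("<I", rec, 2, lba)    # extent location (little-endian half)
    struct.pack_into("<I", rec, 10, size)  # data length (little-endian half)
    rec[33:33 + len(name)] = name
    return bytes(rec)

def build_sample(names):
    """Constructed image: PVD in sector 16, root directory in sector 18."""
    root = dir_record(b"\x00", 18, SECTOR, 2)
    pvd = bytearray(SECTOR)
    pvd[0:6], pvd[156:190] = b"\x01CD001", root
    entries = root + dir_record(b"\x01", 18, SECTOR, 2)
    entries += b"".join(dir_record(n, 19, 0, 0) for n in names)
    return bytes(16 * SECTOR) + bytes(pvd) + bytes(SECTOR) + entries.ljust(SECTOR, b"\0")

def list_root_files(img):
    """Return lower-cased file names from the root directory of an ISO 9660 image."""
    pvd = img[16 * SECTOR:17 * SECTOR]
    if len(pvd) < SECTOR or pvd[0] != 1 or pvd[1:6] != b"CD001":
        raise ValueError("no ISO 9660 primary volume descriptor")
    lba, size = (struct.unpack_from("<I", pvd, 156 + o)[0] for o in (2, 10))
    data, names, pos = img[lba * SECTOR:lba * SECTOR + size], [], 0
    while pos + 33 < len(data):
        rec_len = data[pos]
        if rec_len == 0:                       # records never span sectors
            pos = (pos // SECTOR + 1) * SECTOR
            continue
        name = data[pos + 33:pos + 33 + data[pos + 32]]
        if not data[pos + 25] & 0x02:          # skip directories (incl. "." / "..")
            names.append(name.decode("ascii", "replace").split(";")[0].lower())
        pos += rec_len
    return names

def has_lnk_and_dll(names):
    """True when the image holds both a shortcut and a DLL, the layout reported here."""
    exts = {n.rsplit(".", 1)[-1] for n in names if "." in n}
    return {"lnk", "dll"} <= exts

if __name__ == "__main__":
    sample = build_sample([b"DOCS.LNK;1", b"DATA.DLL;1"])  # constructed names
    files = list_root_files(sample)
    print(files, "suspicious" if has_lnk_and_dll(files) else "ok")
```

A shortcut and DLL pair in one image is a reason to quarantine the attachment for analysis, not a verdict on its own.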

The image below shows phishing emails distributing Bumblebee. The attacker hijacked normal emails and sent them to users as replies with malicious attachments. Users who receive such an email may open the attachment thinking that it is a normal reply, so caution is advised. Other phishing emails are also being distributed using the email hijacking method. Phishing emails may also include malicious URLs that prompt users to download files. This method uses Google Drive for the distribution.

