New Bumblebee malware loader increasingly adopted by cyber threat groups


A recently uncovered malware loader called Bumblebee has been linked to a number of prominent ransomware groups and has been a key component of many cyberattacks. New findings by the Symantec Threat Hunter Team, part of Broadcom Software, show that the tool has links to threat groups such as Conti, Quantum and Mountlocker, per the team’s blog entry.

According to Symantec’s Threat Hunter Team, the Bumblebee loader may have been used as a replacement for Trickbot and BazarLoader, given the overlap between recent activity involving Bumblebee and older attacks linked to these loaders.

“[Bumblebee] appears to have replaced a number of older loaders, which suggests that it is the work of established actors and that the transition to Bumblebee was pre-planned,” the team wrote in its blog post.
