Bumblebee
Bumblebee malware distributed via Zenmap, WinMRT SEO poisoning
The Bumblebee SEO poisoning campaign uncovered earlier this week abusing the RVTools brand is using more typosquatting domains mimicking other popular open-source projects. GeekFeed was able to find two cases leveraging the notoriety of Zenmap, the GUI for the Nmap network scanning tool, and the WinMTR tracerout utility. The Bumblebee malware loader has been pushed through at least two […]
Trojanized RVTools push Bumblebee malware in SEO poisoning campaign
In response to our questions about the attack, Dell states that the malicious RVTools installer was not distributed from its sites but rather from fake typo-squatted domains. The company also states that the Dell-managed sites, Robware.net and RVTools.com, were taken offline as they are being targeted in DDoS attacks. “Dell Technologies operates two websites to distribute our RVTools […]
Bumblebee malware returns after recent law enforcement disruption
The Bumblebee malware loader has been spotted in new attacks recently, more than four months after Europol disrupted it during ‘Operation Endgame’ in May. Believed to be the creation of TrickBot developers, the malware emerged in 2022 as a replacement for the BazarLoader backdoor to provide ransomware threat actors access to victim networks. Bumblebee typically achieves infection via phishing, malvertising, and […]