Bumblebee, a malware loader that targets enterprises, is being distributed through Google Ads and SEO poisoning that promote popular software such as Zoom, Cisco AnyConnect, ChatGPT, and Citrix Workspace. It is believed to have been developed by the Conti team as a replacement for the BazarLoader backdoor, which is used for gaining initial access to networks and conducting ransomware attacks. In September 2022, a new version of the malware loader was discovered that uses the PowerSploit framework for reflective DLL injection into memory, making its attack chain stealthier. Bumblebee is a significant threat to enterprises, and companies should be aware of the danger it poses.

