top of page

Bumblebee: increasing its capacity and evolving its TTPs

The spring of 2022 saw a spike in activity of Bumblebee loader, a recent threat that has garnered a lot of attention due to its many links to several well-known malware families. Bumblebee is in constant evolution, which is best demonstrated by the fact that the loader system has undergone a radical change twice in the range of a few days — first from the use of ISO format files to VHD format files containing a powershell script, then back again.


ATT&CK IDS: T1105 - Ingress Tool Transfer, T1140 - Deobfuscate/Decode Files or Information, T1102 - Web Service, T1027 - Obfuscated Files or Information, T1497 - Virtualization/Sandbox Evasion, T1205 - Traffic Signaling, T1055 - Process Injection, T1072 - Software Deployment Tools, T1059 - Command and Scripting Interpreter

Read More:



Os comentários foram desativados.
bottom of page