Flight of the Bumblebee: Email Lures and File Sharing Services Lead to Malware

Among the threat actors distributing Bumblebee is Projector Libra. Also known as EXOTIC LILY, Projector Libra is a criminal group that uses file sharing services to distribute malware after direct email correspondence with a potential victim. Projector Libra has been reported as an initial access broker with ties to Conti ransomware.

REFERENCE: https://unit42.paloaltonetworks.com/bumblebee-malware-projector-libra/

TAGS: Bumblebee, Email, Malware, Projector Libra, EXOTIC LILY

ADVERSARY: Projector Libra

MALWARE FAMILIES: Bumblebee, BazarLoader

ATT&CK IDS: T1547 - Boot or Logon Autostart Execution, T1566 - Phishing, T1564 - Hide Artifacts

Read More:

https://otx.alienvault.com/pulse/62ecd6d6e589cedd8dfb4235