The Bumblebee malware is being used again by cybercriminals after an absence of several months. IT security experts recently identified an email campaign that misused the brand of electronic device manufacturer Humane to trick recipients into downloading the Bumblebee malware.
The return of Bumblebee comes amid a rise in cybercriminal activity following a long absence of many cybercriminals and certain types of malware. The cybercriminal groups TA576 and TA866 recently resurfaced with email campaigns after months of activity. Post-exploitation operator TA582 and the aerospace-focused group TA2541 both reappeared in the threat landscape in late January. The DarkGate malware returned to TA571 email campaigns with a malware update (a new version “6.1.6”) after apparently ceasing its activity since November. Finally, the major cybercrime actors TA577, TA544 and TA558 appeared again with campaigns at the end of January after a month-long break. TA577 spread the Qbot malware, which the actor had not used since the botnet was dismantled in August.
Bumblebee's hibernation ended
Cybercriminals started 2024 with a bang: after a winter break, activity levels are very high again. Proofpoint experts continue to monitor new, creative attack chains, detection evasion attempts, and updated malware from many threat actors. Experts expect this high level of activity to continue until cybercriminals' expected summer break.
More at Proofpoint.com
About Proofpoint Proofpoint, Inc. is a leading cybersecurity company. The focus for Proofpoint is the protection of employees. Because these mean the greatest capital for a company, but also the greatest risk. With an integrated suite of cloud-based cybersecurity solutions, Proofpoint helps organizations around the world stop targeted threats, protect their data, and educate enterprise IT users about the risks of cyberattacks.
Matching articles on the topic