{"id":480,"date":"2022-05-24T15:00:52","date_gmt":"2022-05-24T15:00:52","guid":{"rendered":"https:\/\/www.maisetechnology.com\/?p=480"},"modified":"2022-11-10T17:40:48","modified_gmt":"2022-11-10T17:40:48","slug":"new-delivery-method-for-ransomware-discovered-called-bumblebee","status":"publish","type":"post","link":"https:\/\/www.maisetechnology.com\/2022\/05\/24\/new-delivery-method-for-ransomware-discovered-called-bumblebee\/","title":{"rendered":"New Delivery Method For Ransomware Discovered Called Bumblebee"},"content":{"rendered":"

[vc_row][vc_column][vc_column_text]Some interesting and disturbing changes are afoot in the hacking world.\u00a0 It appears that the TrickBot gang is now working for the Conti Syndicate. TrickBot is a well-known group of botnet developers responsible for the creation of the BazarLoader. Conti has used BazarLoader in the past as its delivery system of choice for ransomware as part of one of its sophisticated phishing campaigns.<\/p>\n

Now though, the Conti Syndicate has a new tool at their disposal: a newly developed malware loader dubbed Bumblebee.\u00a0 Eli Salem is a seasoned malware reverse engineer at Cybereason. Salem says that the techniques used by Bumblebee are similar to those used by BazarLoader. This suggests that they were developed by the same team, which points the way back to TrickBot.<\/p>\n

So TrickBot's developers made a new toy for the Conti Syndicate. Since Bumblebee became available, security researchers at Proofpoint and other organizations have been seeing evidence that other groups are switching away from BazarLoader and IcedID (also highly similar) in favor of Bumblebee.<\/p>\n

Although similar in its overall structure to BazarLoader, Bumblebee appears to be a more advanced version.<\/p>\n

It can support a wide range of commands, including but not limited to:<\/strong><\/p>\n