Loader
Bumblebee
First seen: 2022-03 • Status: active
Currently Active Threat
Bumblebee is the new favorite tool for ransomware gangs to get into your network.
Overview
Bumblebee is a loader that replaced BazarLoader and delivers ransomware.
Also Known As
BumbleBee Loader
How It Spreads
- • Phishing emails
- • ISO files
- • OneNote attachments
What It Does
- • Downloads Cobalt Strike
- • Enables ransomware
- • Reconnaissance
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Block ISO files in email
- • Monitor for Cobalt Strike
MITRE ATT&CK Techniques
T1566, T1059, T1218
If You're Infected
- 1.
Hunt for Cobalt Strike beacons
Related Malware
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required