Bumblebee malware loader emerges as Conti’s BazarLoader fades

A sophisticated malware loader dubbed Bumblebee is being used by at least three cybercriminal groups that have links to ransomware gangs, according to cybersecurity researchers.

Gangs using Bumblebee have in the past used the BazarLoader and IcedID loaders – linked to high-profile ransomware groups Conti and Diavol. The emergence of Bumblebee coincides with the swift disappearance of BazarLoader in recent weeks, according to researchers with security firm Proofpoint.

The researchers note that BazarLoader’s disappearance occurred about the same time a Ukrainian researcher with access to Conti’s operations – and apparently angry with Kremlin-linked Conti’s public support for Russia’s invasion of Ukraine – started leaking information from the organization, including its ties with BazarLoader.

Read more…
Source: The Register