image credit: Adobe Stock

Bumblebee malware wakes from hibernation, forgets what year it is, attacks with macros

February 14, 2024


The Bumblebee malware loader seemingly vanished from the internet last October, but it’s back and – oddly – relying on a vintage vector to try and gain access.

First spotted in 2022 by researchers at Proofpoint – who identified it as an apparent replacement for BazarLoader – Bumblebee was originally used by high-profile ransomware groups including Russia-linked Conti.

Now it has been spotted buzzing back to life. But it’s using a “significantly different” attack chain this time – relying on malicious VBA macros, of all things, which suggests it might not be in the hands of the same skilled operators who created it.

Read More on The Register