The infamous malware loader and initial access broker known as Bumblebee has resurfaced after a four-month absence as part of a new phishing campaign observed in February 2024. The enterprise security firm Proofpoint reported that the activity targets organizations in the US with voicemail-themed lures containing links to OneDrive URLs. "The URLs led to a Word file with names such as "ReleaseEvans#96.docm" (the digits before the file extension varied)," the company said in a recent report. "Th
pikabot (2)
The malware loader PikaBot is being distributed as part of a malvertising campaign targeting users searching for legitimate software like AnyDesk. PikaBot was previously only distributed via malspam campaigns, similar to QakBot, and emerged as one of the preferred payloads for a threat actor known as TA577. The malware family, which first appeared in early 2023, consists of a loader and a core module that allows it to operate as a backdoor and a distributor for other payloads.
See: https://re
