Analysis of BumbleeBee: a new trendy loader for Initial Access Brokers 🐝

First reported in March 2022, BumbleBee is a new malicious loader used by several Initial Access Brokers (IABs) to gain an initial foothold within victims' networks. SEKOIA.IO analysts have been monitoring this threat for several months and have just published a FLINT (Flash Intelligence Report) in which you can find a summary of this threat and details on our analysis of BumbleBee. Many exclusive Indicators of Compromise (IoCs) related to this threat can be found in the the Intelligence Center in the [BumbleBee malware page]( Our C2 trackers are proactively collecting network IoCs, while our YARA trackers are gathering BumbleBee hashes. ![changelog_flint_bumblebee.png](BASE/products/901462981/changelog/10690/inline-eac5d641548ea2297a69ee75c5dee964.jpg) Related Resource: * [FLINT 2022-029 - BumbleBee: a new trendy loader for Initial Access Brokers](