• For Enquiry
  • 847-868-9253
  • 847-868-9208
  • Home
  • Why Choose CIO Landing?
    • Our Team
    • Success Stories
    • ‘8 Things’ We Do Better
    • Partners & Certifications
    • Our Services
  • Industry Expertise
    • Manufacturing
    • Medical
    • Education
    • Financial Services
    • Non-Profit
    • Law Firms
  • IT Solutions
    • Co-Managed Service
    • Managed IT Services
    • IT Support
      • On Demand Services
      • Office Moves & Wiring
      • Security
    • Server Management
    • Backup & Disaster Recovery
    • Cloud Services
    • CIO & IT Consulting
    • Cybersecurity Services
    • VoIP
    • Managed Firewall
    • Microsoft 365
      • Microsoft 365 Plans
        • Small Business
        • Enterprise
        • Education
    • Hardware & Software Sales
    • Email & Spam Protection
  • Resources
    • Free Copy Of New Book
    • Blog
    • Newsletter
    • Video Tips
      • Video Tips Archive
    • Free Cloud Report
    • IT Buyers Guide
    • Cybersecurity Crisis Report
    • Network Audit
    • COVID 19 Resources
    • In The NEWS
    • Online Training
  • About Us
    • Our Mission
    • Leadership
    • Teams
    • Referral Program
    • Press Releases
      • CIO Landing: More Than Just an IT
      • Small businesses can have an IT department too
      • CIO Landing, Inc. has joined forces with Banc Certified Merchant Services (BCMS).
    • Affiliations
    • Careers
      • Job Descriptions
    • FAQs
    • Causes We Support
    • Privacy Policy
    • Terms & Conditions
  • Locations
    • Northfield, IL
    • Northbrook, IL
    • Chicago, IL
    • Miami, FL
  • Support
✕
Microsoft Edge Browser To Get Free Limited VPN
May 23, 2022
How To Prepare For Gen Z In The Workforce Be Proactive and Update Your Cyber Security Practices
May 24, 2022

New Delivery Method For Ransomware Discovered Called Bumblebee

May 24, 2022

Some interesting and disturbing changes are afoot in the hacking world.  It appears that the TrickBot gang is now working for the Conti Syndicate. TrickBot is a well-known group of botnet developers responsible for the creation of the BazarLoader. BazarLoader has been used by Conti in the past as their delivery system of choice when it comes to delivering ransomware as part of one of their sophisticated phishing campaigns.

Now though, the Conti Syndicate has a new tool at their disposal.  A newly developed malware loader dubbed Bumblebee.  Eli Salem is a seasoned malware reverse engineer at Cyberreason. Salem says that the techniques used by Bumblebee are similar to those used by BazarLoader. This suggests that they were developed by the same team, which points the way back to TrickBot.

So TrickBot’s developers made a new toy for the Conti Syndicate. Since Bumblebee became available, security researchers at Proofpoint and other organizations have been seeing evidence that other groups are switching away from BazarLoader and IcedID (also highly similar) in preference for Bumblebee.

Although similar in its overall structure to BazarLoader, Bumblebee appears to be a more advanced version.

It can  support a wide range of commands, including but not limited to:

  • Shi: shellcode injection
  • Dij: DLL injection in the memory of other processes
  • Dex: Download executable
  • dl: uninstall loader
  • And Ins: enable persistence via a scheduled task for a Visual Basic Script that loads Bumblebee

Worse is that there is clear evidence that Bumblebee is being actively developed and gains new features and capabilities with every update.

As of the update observed on April 19th, for example, the malicious code now supports multiple command-and-control servers. The development team has recently added an encryption layer that makes it more difficult to track communications to and from the command-and-control server.

What this means in terms of the bigger picture is anyone’s guess. It seems clear that there’s a growing level of cooperation and coordination in the hacking world lately, and that should scare just about everyone.

Share
40
taylor
taylor

Related posts

March 10, 2025

The Hidden Threat: How Gift Card Scams Are Targeting Businesses Like Yours

Read more
February 11, 2025

CIO Landing Named to CRN’s MSP 500 List for 2025—For the Third Year in a Row!

Read more
December 4, 2024

Unlocking the Power of Windows 11: Tips for Maximum Productivity

Read more
© 2025 All Rights Reserved | Powered by CIO Landing