The Return Of BumbleBee Malware
"Bumblebee malware reappeared in the cyber threat landscape on February 8 2024 following a four-month hiatus. This sophisticated downloader has been favored by multiple cybercriminal groups since its debut in March 2022 until October 2023. In the latest campaign thousands of emails targeted US organizations with the subject ""Voicemail February"" containing OneDrive URLs leading to Word documents posing as files from the consumer electronics company Humane. These documents such as ""ReleaseEvans96.docm"" utilized VBA macro-enabled scripts to execute multiple PowerShell commands. This use of VBA macro-enabled documents is noteworthy as it deviates from the trend of cybercriminals moving away from them especially in attacks aiming to facilitate initial access for subsequent ransomware operations."