Tracking Bumblebee’s Development
Suweera De Souza
In March 2022, a new buzz called Bumblebee appeared on the eCrime scene. This loader is built to execute tasks received from its command-and-control (C2) server and to deliver follow-on payloads such as Cobalt Strike. But its development doesn't stop there. In less than a year, Bumblebee has gone through several incremental updates, to such an extent that it may be one of the most actively maintained malware families in circulation.
This presentation aims to get a sense of the operators' development process behind Bumblebee: how the loader changes and adapts in response to current endpoint defense efforts, and how its techniques compare with those of other botnet families.