Bumblebee Malware SEO Poisoning Campaign Leads to Akira Ransomware Deployment
NetmanageIT OpenCTI - opencti.netmanageit.com

SUMMARY:
A coordinated threat campaign has been identified leveraging SEO poisoning to distribute Bumblebee malware via trojanized installers of IT management tools. The campaign targets users searching for legitimate software like ManageEngine OpManager. Upon execution, Bumblebee establishes initial access, enabling lateral movement, credential dumping, deployment of remote access tools, and data exfiltration. The intrusions often end with the deployment of Akira ransomware, resulting in severe operational disruptions. Multiple organizations have been impacted, with various security teams reporting consistent patterns of compromise.
OPENCTI LABELS:
data exfiltration, lateral movement, initial access, bumblebee, seo poisoning, akira, credential dumping, akira ransomware, trojanized installers