
From Bing Search to Ransomware: Bumblebee and AdaptixC2 Deliver Akira

NetmanageIT OpenCTI - opencti.netmanageit.com




SUMMARY :

A sophisticated cyber attack campaign leveraged SEO poisoning to compromise organizations through trojanized IT management tool installers. The attack began when users searching for ManageEngine OpManager were directed to a malicious website, downloading a compromised MSI file that installed Bumblebee malware. The threat actors then deployed AdaptixC2 beacons, performed internal reconnaissance, created privileged accounts, and installed RustDesk for persistence. They exfiltrated data via SFTP and ultimately deployed Akira ransomware across the network. The campaign affected multiple organizations, with time to ransomware ranging from 9 to 44 hours after initial access. The attackers used various tools and techniques for lateral movement, credential theft, and defense evasion.

OPENCTI LABELS :

ransomware, data exfiltration, lateral movement, bumblebee, credential theft, seo poisoning, akira, adaptixc2, rustdesk, it management tools


Open in the NetmanageIT OpenCTI public instance with the link below.

NOTE : Use the public read-only username and password shown on the login page banner.


From Bing Search to Ransomware: Bumblebee and AdaptixC2 Deliver Akira