New JavaScript Malware Dropper Discovered, Deploying Bumblebee and IcedID
Deep Instinct's Threat Research Lab has detected a new strain of a JavaScript-based dropper delivering Bumblebee and IcedID malware. The dropper includes Russian comments and utilizes the user-agent string "PindOS," possibly reflecting anti-American sentiment in Russia. Bumblebee, discovered in March 2022, serves as a malware loader associated with the Conti group and acts as a primary distribution method for various types of malware, while IcedID is a modular banking malware focused on stealing financial information. This switch to JavaScript represents a notable departure from Bumblebee's traditional tactics, primarily relying on PowerShell. Read more...