Re: Windows 7 Loader 4shared


Lorean Hoefert

Jul 17, 2024, 7:52:08 AM
to ibittabgigf

Intel471's researchers report that Bumblebee's latest campaign, which started on September 7, 2023, abuses the 4shared WebDAV services to distribute the loader, accommodate the attack chain, and perform several post-infection actions.

The analysts have also spotted an updated version of the Bumblebee malware loader being used in this campaign, which has switched from using the WebSocket protocol to TCP for command and control server (C2) communications.

Additionally, the new loader has abandoned the use of hardcoded C2 addresses. It now uses a domain generation algorithm (DGA) to generate 100 domains on the ".life" top-level domain (TLD) space upon execution.

Also, adopting DGA makes it harder to map Bumblebee's infrastructure, block its domains, and significantly disrupt its operations, adding additional complexity in implementing preventive action against the malware loader.

You can still view and access your activities on Windows Timeline as long as they are synced with your Microsoft account. To see all activities from your Microsoft account in your Windows Timeline, double-check the settings on your device in Settings > Privacy > Activity history, then select the check box next to Let Windows store my activities from this device and Send my activity history to Microsoft. Learn more about your Windows 10 activity history and your privacy here: -us/help/4468227/windows-10-activity-history-and-your-privacy-microsoft-privacy

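A detection sketch for the DGA behaviour described in the post above (a burst of lookups for many distinct ".life" names from one host), added here as an example and not part of the original message or of Intel471's report. The log format, the thresholds and all hostnames and addresses are assumptions constructed for illustration.

```python
"""Flag hosts whose DNS traffic looks like a DGA sweep over one TLD."""
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)  # assumed tuning value
MIN_DISTINCT = 20               # assumed; well below the 100 names generated per run
MIN_NX_RATIO = 0.8              # assumed; most generated names are unregistered

def parse_line(line):
    """Parse 'ISO-timestamp client qname rcode' (a constructed log format)."""
    ts, client, qname, rcode = line.split()
    return datetime.fromisoformat(ts), client, qname.rstrip(".").lower(), rcode

def dga_suspects(lines, tld=".life"):
    """Return {client: max distinct names seen in one window} for flagged hosts."""
    per_client = defaultdict(list)
    for line in lines:
        ts, client, qname, rcode = parse_line(line)
        if qname.endswith(tld):
            per_client[client].append((ts, qname, rcode))
    suspects = {}
    for client, events in per_client.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until it spans at most WINDOW.
            while events[end][0] - events[start][0] > WINDOW:
                start += 1
            window = events[start:end + 1]
            names = {q for _, q, _ in window}
            nx = sum(1 for _, _, r in window if r == "NXDOMAIN")
            if len(names) >= MIN_DISTINCT and nx / len(window) >= MIN_NX_RATIO:
                suspects[client] = max(suspects.get(client, 0), len(names))
    return suspects

def sample_log():
    """Constructed sample: one host sweeping 30 made-up names, one benign host."""
    base = datetime(2023, 9, 7, 12, 0, 0)
    lines = [f"{(base + timedelta(seconds=i)).isoformat()} 10.0.0.5 "
             f"example{i:02d}host.life NXDOMAIN" for i in range(30)]
    lines.append(f"{base.isoformat()} 10.0.0.9 blog.example.life NOERROR")
    lines.append(f"{base.isoformat()} 10.0.0.9 www.example.com NOERROR")
    return lines

if __name__ == "__main__":
    print(dga_suspects(sample_log()))
```

The thresholds need tuning against a baseline of normal ".life" lookups in the environment before the output is used for alerting.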