Malware infects users via fake software downloads

bleepingcomputer.com — May 24, 2025 at 08:01 PM UTC

A new Bumblebee malware campaign is spreading through fake websites mimicking popular open-source software, infecting users who download the malicious installers. The campaign uses typosquatting domains like zenmap[.]pro and winmtr[.]org, which rank high in search results, tricking users into downloading infected versions of Zenmap and WinMTR. These installers deliver a malicious DLL alongside the legitimate software, allowing attackers to install backdoors. This campaign also targets users seeking Hanwha WisenetViewer and Milestone XProtect. The official RVTools sites remain offline due to DDoS attacks, potentially driving users to the malicious sites.

With a significance score of 3.8, this news ranks in the top 6.9% of today's 27269 analyzed articles.

Get summaries of news with significance over 5.5 (usually ~10 stories per week). Read by 10,000+ subscribers: