Fake Zenmap, WinMRT sites target IT staff with Bumblebee malware
The Bumblebee malware SEO poisoning campaign uncovered earlier this week impersonating RVTools is using more typosquatting domains mimicking other popular open-source projects to infect devices used by IT staff.
BleepingComputer was able to find two cases leveraging the notoriety of Zenmap, the GUI for the Nmap network scanning tool, and the WinMTR tracerout utility.
Both of these tools are commonly used by IT staff to diagnose or analyze network traffic, requiring administrative privileges for some of the features to work This makes users of these tools prime targets for threat actors looking to breach corporate networks and spread laterally to other devices.
Read more at Bleeping Computer