Le Lézard

Major UK Retailer Stops Novel Malware Attack With Darktrace AI


Company Targeted by 'BumbleBee', a Sophisticated Malware Loader

CAMBRIDGE, England, May 19, 2022 /PRNewswire/ -- Darktrace, a global leader in cyber security AI, today announced that a UK retailer used Darktrace's AI to stop a cyber-attack attempting to leverage 'BumbleBee', a new malware loader known to be used by Russia-based ransomware group Conti among other cyber-criminal entities.

The company, a major UK retailer founded over 20 years ago, was leveraging Darktrace's Self-Learning AI when it was targeted by a cyber-attack. The AI had established an evolving understanding of 'normal' for the company's operations in order to detect the subtle indicators of an emerging cyber-threat.

In the early hours of one morning in April, Darktrace's AI detected that an internal device was communicating unusually with multiple external endpoints. The AI began investigating the activity in real time and the company's security team were alerted to potentially malicious activity, enabling them to take the compromised device offline before malware could spread through the organization.

The AI was able to detect the activity without any need for new threat signatures or a feed of threat intelligence, while human analysis was then used to identify the explicit strain of malware. BumbleBee is believed to have replaced Conti's 'BazarLoader', which the Russia-based group infamously used to deploy ransomware. Loaders typically serve as the first stage of a cyber-attack, offering cyber-criminals the ability to deploy malicious code at scale, and serve as a bridgehead into compromised networks to push other malware, including ransomware.

"We've seen a dangerous surge in malware loader activity in recent months as attackers seek out new techniques that will avoid traditional methods of detection," commented Toby Lewis, Darktrace's Global Head of Threat Analysis. "These attack tools, particularly novel variants like BumbleBee, illustrate the need for cutting-edge technology like AI that understands the shades of grey in very complex systems. Defenders shouldn't have to wait for the release of threat indicators and threat intelligence before they are able to detect and respond to these attacks."

About Darktrace

Darktrace (DARK:L), a global leader in cyber security AI, delivers world-class technology that protects over 6,800 customers worldwide from advanced threats, including ransomware and cloud and SaaS attacks. Darktrace's fundamentally different approach applies Self-Learning AI to enable machines to understand the business in order to autonomously defend it. Headquartered in Cambridge, UK, the Group has more than 2,000 employees worldwide. Darktrace was named one of TIME magazine's 'Most Influential Companies' for 2021.

Media Contacts

Tom Bermingham
Brands2Life (UK)
+44 (0) 7983 857952
darktrace@brands2life.com

Jessica Cheney
CommStrat (US)
+1 419 350 4614
darktrace@commstrat.com





News published on 19 may 2022 at 04:30 and distributed by: