The Reveal Platform
Intel Name: From bing search to ransomware: bumblebee and adaptixc2 deliver akira
Date of Scan: August 6, 2025
Impact: High
Summary: Bumblebee malware has been used for initial access since 2021, with SEO poisoning reported as a delivery method in 2023. In 2025, campaigns impersonating IT tools delivered trojanized software, leading to Bumblebee infections and Akira ransomware deployment. Threat actors leveraged this access to move laterally, steal credentials, install persistent tools, and exfiltrate data. The attacks escalated to full network compromise, encrypting both root and child domains, causing major operational disruption.
