Bumblebee Loader is a replacement for BazarLoader, which is used by Conti group to deliver ransomware. The Bumblebee infection starts through spam email. This email contains a link to further download an ISO file.
Campo is a spanish word meaning countryside, this word is referred in all URL this malware access, hence the name Campo. Campo loader is a simple and effective malware responsible for spreading other malware. It is known as the first stage payload for TrickBot, Gozi, and Zloader.
Buer is malware-as-a-service product that provide initial foothold in the victim's machine and deliver whatever payload it's owner what to deliver. It can be a RAT or Stealer. Recently it is know to be delivering ransomware like Ryuk.
BazarBackdoor is the latest tools in the TrickBot arsenal. Malware authors continues to use the COVID-19 theme to bait victims with corona virus related help or information and make the clicking and installing there malicious code.
