Bumblebee → AdaptixC2 → Akira: SEO-poisoning-to-ransomware kill chain (DFIR Report; Swisscom CSIRT parallel intrusion)
incident · item:dfir-bumblebee-adaptixc2-akira-seo-poisoning-killchain
Coverage timeline
1
first 2026-06-30 → last 2026-06-30
Briefs
1
1 distinct
Sources cited
3
2 hosts
Sections touched
1
deep_dive
Co-occurring entities
0
no co-occurrence
Story timeline
- 2026-06-30CTI Daily Brief — 2026-06-30
Where this entity is cited
- deep_dive1
Source distribution
- attack.mitre.org2 (67%)
- thedfirreport.com1 (33%)
All cited sources (3)
- thedfirreport.comprimaryinlineThe DFIR Report, 2026-06-29https://thedfirreport.com/2026/06/29/from-bing-search-to-ransomware-bumblebee-and-adaptixc2-deliver-akira-3/
- attack.mitre.orginline`T1204.002` Malicious Filehttps://attack.mitre.org/techniques/T1204/002/
- attack.mitre.orginlineDLL search-order hijacking (`T1574.001`)https://attack.mitre.org/techniques/T1574/001/
Items in briefs about Bumblebee → AdaptixC2 → Akira: SEO-poisoning-to-ransomware kill chain (DFIR Report; Swisscom CSIRT parallel intrusion)
No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.