VERY IMPORTANT

Last month, Google's Threat Analysis Group (TAG) reported on EXOTIC LILY using file transfer services like TransferNow, TransferXL, WeTransfer, or OneDrive to distribute malware (link). Threat researchers like @k3dg3 occasionally report malware samples from this activity. Based on @k3dg3's recent tweet, SANS searched through VirusTotal and found a handful of active TransferXL URLs delivering ISO files for Bumblebee malware.