According to Microsoft, a recently detected Windows worm has been discovered on the networks of hundreds of firms from numerous industry sectors.
The malware, called Raspberry Robin, spreads via infected USB devices and was discovered by Red Canary intelligence experts in September 2021.] In early November, cybersecurity company Sekoia detected it using QNAP NAS devices as command and control servers (C2) servers, while Microsoft stated it discovered harmful artefacts tied to this worm produced in 2019.
Redmond’s findings are consistent with those of Red Canary’s Detection Engineering team, which discovered this worm on the networks of several clients, including several in the technology and manufacturing industries. Despite the fact that Microsoft saw the malware communicating to Tor network addresses, the threat actors are yet to exploit the access they gained to their victims’ networks.
As already mentioned, Raspberry Robin is spreading to new Windows frameworks by means of contaminated USB drives containing a noxious .LNK document. When the USB gadget is joined and the user taps the link, the worm brings forth a msiexec interaction utilizing cmd.exe to send off a noxious document put away on the contaminated drive. It infects new Windows gadgets, speaks with its order and control servers (C2), and executes
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article. 
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: