News

Microsoft warns companies about Raspberry Robin worm in networks

By admin
Spread the love

Microsoft has warned dozens of companies about a worm that has probably been circulating in Windows corporate networks since last year. The Raspberry Robin worm spreads through USB devices and has been found in the networks of hundreds of companies.

The worm was discovered last year by researchers at cybersecurity firm Red Canary. Raspberry Robin is spreading to new Windows systems via infected USB drives containing an infected LNK file. Once the worm gains access to the network, it spreads to other devices and systems. Through the systems, it communicates with its command-and-control servers and executes malware payloads through legitimate Windows functions such as msiexec or odbcconf.

“Raspberry Robin uses msiexec.exe to set up remote network communications to a malicious domain for command-and-control purposes”, says Microsoft according to Bleeping Computer. The company labels Raspberry Robin as a ‘high security risk’. Microsoft has observed that the malware connects to addresses on the Tor network, but has not yet accessed the victims’ networks. Still, the attackers could strike at any moment and spread more malware through the infected networks, the company warns. It is not known who distributed Raspberry Robin and for what purpose.

Source: Red Canary

You might also like
News

Blizzard will release certain games via Steam, starting with Overwatch 2

News

Microsoft and Activision Blizzard postpone acquisition deadline until October

News

Microsoft announces Bing Chat Enterprise and Copilot pricing for businesses

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

‘Microsoft wants to postpone deadline for Activision Blizzard…

News

Rumor: EU starts investigation into Microsoft for including Teams with Office