The Raspberry Robin worm uses new tactics to evade detection and seeks to confuse security experts if it runs in a sandbox or notices debugging tools. To do this, the malware uses fake payloads, Trend Micro experts say. Let me remind you that Raspberry Robin is a dropper that has the functionality of a worm,… Continue reading Raspberry Robin Worm Uses Fake Malware to Trick Security Researchers
Tag: Raspberry Robin
New Version of Truebot Exploits Vulnerabilities in Netwrix Auditor and Raspberry Robin Worm
Information security experts warned of an increase in the number of infections with the new version of TrueBot, primarily targeting users from Mexico, Brazil, Pakistan and the United States. According to Cisco Talos, malware operators have now moved from using malicious emails to alternative delivery methods, including exploiting an RCE vulnerability in Netwrix Auditor, as… Continue reading New Version of Truebot Exploits Vulnerabilities in Netwrix Auditor and Raspberry Robin Worm
Raspberry Robin Worm Operators Now Trade Access
Microsoft researchers reported that the operators of the hack group, which they track under the ID DEV-0950, used the Clop ransomware to encrypt the network of a victim previously infected with the Raspberry Robin worm. Let me remind you that the first Raspberry Robin malware was found by analysts from Red Canary. In the spring… Continue reading Raspberry Robin Worm Operators Now Trade Access
Microsoft Links Raspberry Robin Worm to Evil Corp
Microsoft analysts have noticed that the access broker, which the company tracks as DEV-0206, is using the Raspberry Robin Windows worm to deploy the malware loader on networks where traces of malicious activity by Evil Corp are also detected. Let me remind you that we also wrote that The Austrian Company DSIRF Was Linked to… Continue reading Microsoft Links Raspberry Robin Worm to Evil Corp