digital security company red canary All the details are yet to be revealed, but it has identified a new series of cybercrime that could be a major threat to businesses.
about this Raspberry Robina series of activities that start with an interesting method of infection: a pen drive must be plugged into USB ports on computers. So far, many companies in the tech and industrial sectors have been targeted, but none have been harmed by the attack.
When the flash drive is inserted into the device, worm disguises itself as an extension shortcut LNK to evade digital security platforms.
When plugged in, all from the computer’s command prompt (cmd.exe). It even uses Microsoft’s own executable to install products (Msiexec.exe) Attempting to communicate internally with potentially harmful domains, including using Tor anonymous browser networks.
In addition, the installation of a DLL file in the system is, by all indications, one of the stages of persistence of the invasion in the system.
mysteries
Problem? After all these steps, Raspberry Robin’s acting remains a mystery. Experts have not been able to find out exactly what this malware does on infected computers or whether it continues to wait for certain commands that can lead to data theft, remote administration or system security breach.
Red Canary also hasn’t been able to figure out how the infection actually happened – for example, is this an internal activity or is it a malicious person accessing the victims’ computers? Activities like this have been recorded since September 2021 and the full report on cybercrime can be viewed at this link.
Source: Tec Mundo
