Microsoft says that a recently spotted Windows worm has been found on the networks of hundreds of organizations from various industry sectors.
The malware, dubbed Raspberry Robin, spreads via infected USB devices, and it was first spotted in September 2021 by Red Canary intelligence analysts.
Cybersecurity firm Sekoia also observed it using QNAP NAS devices as command and control servers (C2) servers in early November [PDF], while Microsoft said it found malicious artifacts linked to this worm created in 2019.
Redmond’s findings align with those of the Red Canary’s Detection Engineering team, which also detected this worm on the networks of multiple customers, some of them in the technology and manufacturing sectors.
Although Microsoft observed the malware connecting to addresses on the Tor network, the threat actors are yet to exploit the access they gained to their victims’ networks…
Microsoft has tagged this campaign as high-risk, given that the attackers could download and deploy additional malware within the victims’ networks and escalate their privileges at any time…
*0Patch fix in the works ?
|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
-
Microsoft finds ‘Raspberry Robin’ worm in hundreds of Windows networks
- This topic has 5 replies, 4 voices, and was last updated 2 years, 10 months ago.
AuthorViewing 1 reply threadAuthor-
-
-
*0Patch fix in the works ?
Per the article you quoted above,
Microsoft shared this info in a private threat intelligence advisory sent to Microsoft Defender for Endpoint subscribers…
The above suggests that 0Patch will be hands off on this one, that it will be remediated by Microsoft by including a definition or engine update to Defender and by similar measures from other anti-crapware suite vendors.
1 user thanked author for this post.
-
Viewing 1 reply thread
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
You can’t handle me
by 2 hours, 8 minutes ago
-
Chrome Can Now Change Your Weak Passwords for You
by 6 minutes ago
-
Microsoft: Over 394,000 Windows PCs infected by Lumma malware, affects Chrome..
by 7 hours, 29 minutes ago
-
Signal vs Microsoft’s Recall ; By Default, Signal Doesn’t Recall
by 7 hours, 40 minutes ago
-
Internet Archive : This is where all of The Internet is stored
by 7 hours, 53 minutes ago
-
iPhone 7 Plus and the iPhone 8 on Vantage list
by 7 hours, 58 minutes ago
-
Lumma malware takedown
by 15 hours, 12 minutes ago
-
“kill switches” found in Chinese made power inverters
by 16 hours, 46 minutes ago
-
Windows 11 – InControl vs pausing Windows updates
by 16 hours, 40 minutes ago
-
Meet Gemini in Chrome
by 20 hours, 45 minutes ago
-
DuckDuckGo’s Duck.ai added GPT-4o mini
by 20 hours, 54 minutes ago
-
Trump signs Take It Down Act
by 1 day, 4 hours ago
-
Do you have a maintenance window?
by 16 hours, 2 minutes ago
-
Freshly discovered bug in OpenPGP.js undermines whole point of encrypted comms
by 7 hours, 5 minutes ago
-
Cox Communications and Charter Communications to merge
by 1 day, 8 hours ago
-
Help with WD usb driver on Windows 11
by 1 day, 13 hours ago
-
hibernate activation
by 1 day, 17 hours ago
-
Red Hat Enterprise Linux 10 with AI assistant
by 1 day, 20 hours ago
-
Windows 11 Insider Preview build 26200.5603 released to DEV
by 2 days ago
-
Windows 11 Insider Preview build 26120.4151 (24H2) released to BETA
by 2 days ago
-
Fixing Windows 24H2 failed KB5058411 install
by 20 hours, 6 minutes ago
-
Out of band for Windows 10
by 2 days, 4 hours ago
-
Giving UniGetUi a test run.
by 2 days, 11 hours ago
-
Windows 11 Insider Preview Build 26100.4188 (24H2) released to Release Preview
by 2 days, 19 hours ago
-
Microsoft is now putting quantum encryption in Windows builds
by 15 hours, 6 minutes ago
-
Auto Time Zone Adjustment
by 2 days, 23 hours ago
-
To download Win 11 Pro 23H2 ISO.
by 2 days, 21 hours ago
-
Manage your browsing experience with Edge
by 2 hours, 30 minutes ago
-
Fewer vulnerabilities, larger updates
by 1 day, 14 hours ago
-
Hobbies — There’s free software for that!
by 14 hours, 35 minutes ago
Remembering Woody
