According to Hacker News, Microsoft has reported a new type of malware. Since Q4 2022, the malware is known to have triggered payload alerts on devices at almost 1,000 organizations. This malware is used to introduce ransomware.
According to Trend Micro, the new malicious code, Raspberry Robin, targeted telecommunications entities in Latin America, Oceania (Australia), and Europe. The Raspberry Robin malware spreads through infected removable drives such as USB devices. It is activated when a ‘.LNK’ file on the drive is double-clicked.
Terry Olaes, Senior Technical Director at Skybox Security, says that “Skybox Research Lab found that the malware industry has continuously churned an array of malicious software, including cryptojacking and ransomware programs, which increased by 75 percent and 42 percent, respectively, in 2021.”
According to Olaes, “Now Raspberry Robin, which caught headlines in May for its prolific worm-like spreading once a beachhead is established, has evolved its capabilities to improve detection evasion via fake payload drops if the malware detects sandboxing or being analyzed.”
According to Olaes’s analysis, this implant is “also part of the larger malware ecosystem and has been observed being a part of a threat stack in several campaigns.” He further adds that “threat actors, frequently, sell access to hacked networks to ransomware and malware platforms, such as the recent Clop gang, IcedID, Bumblebee, and Truebot attacks. In its most recent release, Raspberry Robin has significantly enhanced its obfuscation layers (ten or more) and evasive capabilities, showing the ongoing innovation that malicious actors can utilize while relying on human behavior (insertion of unknown USB sticks) to get access.”
To defend against such attacks, organizations must implement a proactive vulnerability management strategy that reviews the entire threat landscape and detects exposed vulnerabilities. A crucial step in reducing malware risk is to raise the overall maturity of the company’s vulnerability management program so that it enables quick remediation, rather than relying on time-consuming and expensive reactive efforts.
Terry Olaes says that implementing a technology capable of converting the business impact of cyber risk into economic impact will assist firms in determining the level of urgency.