According to Hacker News, Microsoft has reported a new type of malware. Since Q4 2022, the malware is known to have triggered payload alerts on devices at almost 1,000 organizations. It is used to introduce ransomware.
According to TrendMicro, the new malicious code, Raspberry Robin, targeted telecommunication entities in Latin America, Oceania (Australia), and Europe. Raspberry Robin is transmitted through infected removable drives such as USB devices and is activated when a ‘.LNK’ file is double-clicked.
Terry Olaes, Senior Technical Director at Skybox Security, says that “Skybox Research Lab found that the malware industry has continuously churned an array of malicious software, including cryptojacking and ransomware programs, which increased by 75 percent and 42 percent, respectively, in 2021.”
According to Olaes, “Now Raspberry Robin, which caught headlines in May for its prolific worm-like spreading once a beachhead is established, has evolved its capabilities to improve detection evasion via fake payload drops if the malware detects sandboxing or being analyzed.”
According to Olaes’s analysis, this implant is “also part of the larger malware ecosystem and has been observed being a part of a threat stack in several campaigns.” He further adds that “threat actors, frequently, sell access to hacked networks to ransomware and malware platforms, such as the recent Clop gang, IcedID, Bumblebee, and Truebot attacks. In its most recent release, Raspberry Robin has significantly enhanced its obfuscation layers (ten or more) and evasive capabilities, showing the ongoing innovation that malicious actors can utilize while relying on human behavior (insertion of unknown USB sticks) to get access.”
To defend against such attacks, organizations must implement a proactive vulnerability management strategy that reviews the entire threat landscape to detect exposed vulnerabilities. Enhancing the overall maturity of a company’s vulnerability management programme, so that it enables quick remediation rather than time-consuming and expensive reactive efforts, is a crucial step in reducing malware infections.
Terry Olaes says that implementing a technology capable of converting the business impact of cyber risk into economic impact will assist firms in determining the level of urgency.