Security News > 2022 > July > Microsoft finds Raspberry Robin worm in hundreds of Windows networks
Microsoft says that a recently spotted Windows worm has been found on the networks of hundreds of organizations from various industry sectors.
Cybersecurity firm Sekoia also observed it using QNAP NAS devices as command and control servers servers in early November [PDF], while Microsoft said it found malicious artifacts linked to this worm created in 2019.
Although Microsoft observed the malware connecting to addresses on the Tor network, the threat actors are yet to exploit the access they gained to their victims' networks.
As already mentioned, Raspberry Robin is spreading to new Windows systems via infected USB drives containing a malicious.
Security researchers who spotted Raspberry Robin in the wild are yet to attribute the malware to a threat group and are still working on finding its operators' end goal.
Microsoft has tagged this campaign as high-risk, given that the attackers could download and deploy additional malware within the victims' networks and escalate their privileges at any time.
News URL
Related news
- Microsoft confirms Windows Server issue behind domain controller crashes (source)
- Microsoft releases emergency fix for Windows Server crashes (source)
- Microsoft confirms memory leak in March Windows Server security update (source)
- Microsoft fixes Windows Sysprep issue behind 0x80073cf2 errors (source)
- Recent Windows updates break Microsoft Connected Cache delivery (source)
- Microsoft fixes two Windows zero-days exploited in malware attacks (source)
- Microsoft now testing app ads in Windows 11's Start menu (source)
- Microsoft lifts Windows 11 block on some Intel systems after 2 years (source)
- Microsoft: Copilot ‘app’ on Windows Server mistakenly added by Edge (source)
- Microsoft Office LTSC 2024 preview available for Windows, Mac (source)