IT House on July 3rd that in the field of network security, the struggle between attacks and defense is eternal. Therefore, we often see that a certain program is revealed or backdoor. What companies are attacked and causes data leaks, and even large companies such as Google, Apple, and Microsoft on the head may resist countless cyber attacks every day.
Now, Microsoft issued a warning that there is a high -risk worm infected by hundreds of Windows enterprise networks.
This malicious software is called "Raspberry Robin", which is mainly transmitted through the infected USB device.
The infected USB device contains a .lnk file. As long as the user clicks this file, "Rasalbell knows that the bird" will automatically create a msiexec.exe process and start another malicious file. Then, it will communicate with the command and control server through a short URL. If it is successfully connected to the server, it will download and install a bunch of other malicious .dll, and then these .dll tried to connect to the TOR node.
The IT House learned that "Raspberry Knowing Birds" is not a new malicious software. The virus was discovered by multiple security experts as early as & nbsp; in 2021, and Microsoft even saw evidence of using the virus in 2019.
According to Bleeping Computer, Microsoft is now informing the danger of DEFENDER for Endpoint subscriber about Raspberry Robin. Microsoft also pointed out that the worm has been found in hundreds of Windows networks in multiple departments.
In other words, although the attacker behind it successfully infected a large number of machines through this virus, he did not make any threats to users or use the vulnerability to obtain sensitive information and deploy ransomware.
Therefore, it is unclear which hacker tissue is the behavior of these worm viruses, and it is not clear what their ultimate purpose is. However, considering the possibility of "evolution" in this worm, and it is currently spreading quickly, Microsoft has marked it as the current high -risk activity.
▲ & nbsp; raspberry robin & nbsp; infection process (Red Canary)