Microsoft Finds Dangerous Worm In Windows Networks: All You Need To Know

Microsoft has noticed a harmful Windows worm on networks of a whole bunch of organisations in numerous industries, as per a report that cites a non-public risk intelligence advisory despatched to corporations by the Redmond large. The malware is named “Raspberry Robin” and spreads by USB units, the report additional stated.

As per the report by Bleeping Computer, Microsoft’s risk intelligence advisory that was shared with its Microsoft Defender for Endpoint subscribers says the Raspberry Robin worm has been noticed connecting to numerous addresses on the Tor community, however the risk actors have but to use this entry.

The group chargeable for releasing the malware is presently unknown and the corporate is actively monitoring the networks. “Raspberry Robin” was first discovered in September final 12 months by Red Canary researchers who noticed a “cluster of malicious activity”. The researchers decided that the worm spreads to new units by a malicious hyperlink file after learning an contaminated USB drive that contained a .LNK file.

As per the researchers, when the sufferer connects the contaminated USB drive, the worm begins a brand new course of through the command immediate and runs the file on the compromised laptop. The malware utilises Microsoft Standard Installer to hook up with its command and management (C2) server (msiexec.exe) after which extra malicious information are downloaded on the units.

The consultants at cybersecurity firm Sekoia additionally noticed it whereas utilizing QNAP NAS units late final 12 months.

Microsoft has categorised the current risk as “high-risk,” saying that the attackers might infect complete networks in the event that they want to.