Are You Having A Technology Emergency?

Martech Business Solutions Blog

Martech Business Solutions has been serving the Michigan area since 1988, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

What is Raspberry Robin? Today We Take a Look at the New Computer Worm

What is Raspberry Robin? Today We Take a Look at the New Computer Worm

It always helps to be a little skeptical of any new USB drives appearing in the workplace, especially if you are security-minded. Distributing threats via USB drives is a common practice amongst hackers, and a new threat called Raspberry Robin has the potential to be a serious problem for unsecured businesses with poor security hygiene.

Discovered in Europe by the Red Canary intelligence analysts, Raspberry Robin has been causing problems for Windows users since September of 2021. If your organization uses the Windows operating system, then you will want to educate yourself on this threat so you can potentially dodge it in the future.

How Does Raspberry Robin Work?

Raspberry Robin works when an infected USB drive is plugged into a computer. It shows the user an infected .LNK file which executes a msiexec process through the command prompt. From here, a BAT file with two commands is executed, one of which manages Windows features and another which configures Open Database Connectivity. Combined they make for a rather difficult threat to detect.

MakeUseOf describes the attack process further: “Compromised QNAP NAS (Network-Attached Storage) devices are also exploited in the Raspberry Robin infection process, wherein the attacker uses HTTP requests that contain the victim’s user and device names after the .LNK file is downloaded. The worm uses a malicious DLL (Dynamic-Link Library) from a compromised QNAP device to gain access to and control over one's system.”

How Does This Threat Spread?

Although this threat is known to spread through infected USB devices, it’s not currently known exactly how it spreads from one device to another.

What Is the Endgame Here?

Security researchers don’t know much about Raspberry Robin, and the end goal is just as unknown. A threat like this that lurks in the background and is able to hide itself effectively makes us think that it could be used to steal data or install further threats on networks, though.

Here’s What You Should Know

If you want to ensure that you stay safe from Raspberry Robin, we recommend that you treat USB devices and drives with caution. Basically, don’t go plugging in any old USB drive that you find on the side of the road or on the ground outside your office without first reporting it to IT for a security analysis. Even if it looks inconspicuous, be very wary of plugging in unknown USB drives.

Through comprehensive security solutions and educational training, Martech Business Solutions can help your team be more cognizant and compliant with your organization’s security policies. We believe that the best way to keep threats from becoming bigger problems is through preventative measures.  To learn more about how you can implement these for your business, contact us today at (248) 844-8250.

How Long a Laptop Should Last (and How to Tell Whe...
Advanced Collaboration Can Significantly Speed Up ...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Sunday, 02 October 2022

Captcha Image

Contact Us

Learn more about what Martech Business Solutions can do for your business.

Call Us Today
Call us today
(248) 844-8250

30233 Dequindre Rd
Suite B

Madison Heights, Michigan 48071

Latest Blog

We know we hype up multi-factor authentication, or MFA, quite a bit on this blog, and for good reason. When implemented correctly, it can be an effective deterrent for many cyberthreats out there. However, as they often do, hackers have fou...
TOP