Raspberry Robin Worm Infects Hundreds of Windows Networks
See Also: Microsoft Introduces Defender App for Windows, Android, macOS & iOS This worm then launches a msiexec process and runs a malicious file also present on the device. After that, it establishes the connection with a server and starts downloading and installing the malicious DLLs. The legitimate Windows utility odbcconf.exe is then used to execute the DLLs while the worm repeatedly attempts to connect to Tor network nodes. At least some of the command and control servers being used are thought to be infected with QNAP NAS devices. This worm has the ability to bypass Windows User Account Control (UAC) and has already proven it can use the utilities available to the OS. Although the exact goal of this malware is not clear yet. However, it controls the network and could easily download and deploy the new malware quickly. Microsoft has flagged Raspberry Robin as a high-risk campaign. The best way to avoid this malware is to first scan the external device with a powerful antivirus. If the device is free of viruses and malware then go ahead to use this device. Surely, Microsoft will also bring the security update to make the devices virus-free. Check Also: Beware! This “Raspberry Robin” Malware May Harm Your Data
