BSGTech Blog

BSGTech has been serving the Chicagoland area since 2009, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

What is Raspberry Robin? Today We Take a Look at the New Computer Worm

What is Raspberry Robin? Today We Take a Look at the New Computer Worm

It always helps to be a little skeptical of any new USB drives appearing in the workplace, especially if you are security-minded. Distributing threats via USB drives is a common practice amongst hackers, and a new threat called Raspberry Robin has the potential to be a serious problem for unsecured businesses with poor security hygiene.

Discovered in Europe by the Red Canary intelligence analysts, Raspberry Robin has been causing problems for Windows users since September of 2021. If your organization uses the Windows operating system, then you will want to educate yourself on this threat so you can potentially dodge it in the future.

How Does Raspberry Robin Work?

Raspberry Robin works when an infected USB drive is plugged into a computer. It shows the user an infected .LNK file which executes a msiexec process through the command prompt. From here, a BAT file with two commands is executed, one of which manages Windows features and another which configures Open Database Connectivity. Combined they make for a rather difficult threat to detect.

MakeUseOf describes the attack process further: “Compromised QNAP NAS (Network-Attached Storage) devices are also exploited in the Raspberry Robin infection process, wherein the attacker uses HTTP requests that contain the victim’s user and device names after the .LNK file is downloaded. The worm uses a malicious DLL (Dynamic-Link Library) from a compromised QNAP device to gain access to and control over one's system.”

How Does This Threat Spread?

Although this threat is known to spread through infected USB devices, it’s not currently known exactly how it spreads from one device to another.

What Is the Endgame Here?

Security researchers don’t know much about Raspberry Robin, and the end goal is just as unknown. A threat like this that lurks in the background and is able to hide itself effectively makes us think that it could be used to steal data or install further threats on networks, though.

Here’s What You Should Know

If you want to ensure that you stay safe from Raspberry Robin, we recommend that you treat USB devices and drives with caution. Basically, don’t go plugging in any old USB drive that you find on the side of the road or on the ground outside your office without first reporting it to IT for a security analysis. Even if it looks inconspicuous, be very wary of plugging in unknown USB drives.

Through comprehensive security solutions and educational training, BSGtech can help your team be more cognizant and compliant with your organization’s security policies. We believe that the best way to keep threats from becoming bigger problems is through preventative measures.  To learn more about how you can implement these for your business, contact us today at (866) 546-1004.

How Long a Laptop Should Last (and How to Tell Whe...
Advanced Collaboration Can Significantly Speed Up ...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, 21 November 2024

Captcha Image

Mobile? Grab this Article

QR Code

Customer Login


News & Updates

BSGtech (formerly Business Solutions Group) is proud to announce the launch of our new website at www.bsgtech.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more infor...

Contact us

Learn more about what BSGtech can do for your business.

BSGtech
800 E. Business Center Dr.
Mt. Prospect, Illinois 60056

123 W Madison Street, Suite 1700
Chicago, Illinois 60602