Raspberry Robin Malware Spreading Through WSF Files: How to Stay Safe

TL;DR Summary
A new wave of the Raspberry Robin malware campaign has been discovered, spreading through malicious Windows Script Files (WSFs) since March 2024. The malware, also known as the QNAP worm, has evolved into a downloader for various other payloads and is linked to the broader cybercrime ecosystem. The latest distribution vector uses heavily obfuscated WSF files offered for download via various domains and subdomains. The malware employs anti-analysis and anti-virtual machine techniques to evade detection. It also configures Microsoft Defender Antivirus exclusion rules to avoid being scanned, posing a serious infection risk.

Sources:
- Raspberry Robin Returns: New Malware Campaign Spreading Through WSF Files (The Hacker News)
- Hackers are using this little-known file type to drop a nasty Windows worm on vulnerable PCs — how to stay safe (Tom's Guide)
- Raspberry Robin observed spreading via Windows Script Files (SC Media)
- The Early Bird Catches the Worm: Darktrace's Hunt for Raspberry Robin (Darktrace)
- Raspberry Robin Malware Now Using Windows Script Files to Spread (Security Boulevard)
Original article: The Hacker News