{"id":1344044,"date":"2024-04-11T14:32:41","date_gmt":"2024-04-11T11:32:41","guid":{"rendered":"https:\/\/windowsreport.com\/?p=1344044"},"modified":"2024-04-12T07:18:16","modified_gmt":"2024-04-12T04:18:16","slug":"hackers-are-using-the-raspberry-robin-worm-to-attack-your-device","status":"publish","type":"post","link":"https:\/\/windowsreport.com\/hackers-are-using-the-raspberry-robin-worm-to-attack-your-device\/","title":{"rendered":"Hackers are using Windows script files to spread the Raspberry Robin and steal data"},"content":{"rendered":"\n

To avoid detection, threat actors are constantly using different techniques. In addition, sometimes they bring back old ones and tweak them to fit their needs and to bypass security systems. That’s why some wrongdoers are now using a new version of the Windows worm Raspberry Robin.<\/p>\n\n\n\n

OpenAI researchers created an AI worm<\/a> a while ago. Their virus managed to bypass security systems and steal data. In addition, the AI malware is capable of infecting multiple devices. So, the new Raspberry Robin worm used by cybercriminals could be similar.<\/p>\n\n\n\n

Are computer worms still around?<\/h2>\n\n\n\n

Hackers used the Raspberry Robin worm to target tech companies and manufacturing businesses in 2021. Threat actors didn’t distribute the virus by using online methods. Instead, they sent USB flash drives to targeted organizations.<\/p>\n\n\n\n

Employees unknowingly used the infected USBs and allowed attackers access to their company’s network. However, this incident is fascinating because it shows that we are more likely to defend our devices from online threats than offline ones.<\/p>\n\n\n\n

How did threat actors use the Raspberry Robin Windows worm?<\/h3>\n\n\n\n

According to a new report by HP Wolf Security<\/a>, threat actors are now using Windows script files (WSFs) to distribute the Raspberry Robin worm. IT admins and legitimate software use the WSFs to automate Windows tasks.<\/p>\n\n\n\n

HP Wolf Security researchers believe threat actors used malvertising or spam emails to direct their victims to their domains and subdomains. Using this technique, attackers trick some of us into downloading their infected WSF files.<\/p>\n\n\n\n

The WSF files infected with the Raspberry Robin<\/a> worm can bypass security software. Additionally, the malware-tracking website VirusTotal doesn’t categorize these files as malicious. Thus, hackers can run them almost freely.<\/p>\n\n\n\n

The Raspberry Robin worm is dangerous because it can inflict other malware such as SocGholish,\u00a0Cobalt Strike,\u00a0IcedID, BumbleBee, and Truebot. Additionally, the virus can migrate to other devices by infecting your network.<\/p>\n\n\n\n

Don’t open email attachments from untrusted sources to protect your system from the Windows worm. Additionally, consider asking the email sender directly about their email. After all, the wrongdoers using the worm could steal the sender’s login information and commit identity theft. Also, you can get a paid antivirus or an identity theft protection software.<\/p>\n\n\n\n

In a nutshell, the Raspberry Robin worm is a dangerous malware you can find in .wsf files. Threat actors might try to make you download it using malicious emails and malvertising. Additionally, if you receive a USB, consider not using it unless you have a way to test it.<\/p>\n\n\n\n

What are your thoughts? Did you ever hear about this malware? Let us know in the comments.<\/p>\n","protected":false},"excerpt":{"rendered":"

To avoid detection, threat actors are constantly using different techniques. In addition, sometimes they bring back old ones and tweak them to fit their needs and to bypass security systems. That’s why some wrongdoers are now using a new version of the Windows worm Raspberry Robin. OpenAI researchers created an AI worm a while ago. […]<\/p>\n","protected":false},"author":2297,"featured_media":1344104,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_enabled_clarity":"","ep_exclude_from_search":false,"footnotes":""},"categories":[4],"tags":[584,84,1088],"work":[],"acf":[],"yoast_head":"\nHackers are using Windows script files to spread the Raspberry Robin and steal data<\/title>\n<meta name=\"description\" content=\"Threat actors use Windows script files infected with the Raspberry Robin worm to attack your network and inflict malware on devices.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/windowsreport.com\/hackers-are-using-the-raspberry-robin-worm-to-attack-your-device\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hackers are using Windows script files to spread the Raspberry Robin and steal data\" \/>\n<meta property=\"og:description\" content=\"Threat actors use Windows script files infected with the Raspberry Robin worm to attack your network and inflict malware on devices.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/windowsreport.com\/hackers-are-using-the-raspberry-robin-worm-to-attack-your-device\/\" \/>\n<meta property=\"og:site_name\" content=\"Windows Report\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/WindowsReport\" \/>\n<meta property=\"article:published_time\" content=\"2024-04-11T11:32:41+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-12T04:18:16+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/windowsreport.com\/wp-content\/uploads\/2024\/04\/Malware-on-a-system.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1280\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@WindowsRep\" \/>\n<meta name=\"twitter:site\" content=\"@WindowsRep\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/windowsreport.com\/#organization\",\"name\":\"WindowsReport\",\"url\":\"https:\/\/windowsreport.com\/\",\"sameAs\":[\"https:\/\/www.facebook.com\/WindowsReport\",\"https:\/\/www.instagram.com\/Windows.Report\/\",\"https:\/\/www.linkedin.com\/company\/windowsreport\/\",\"https:\/\/www.youtube.com\/channel\/UCvAaplMymP1PcGkp26qUXlA\",\"https:\/\/pinterest.com\/Windows_Report\/\",\"https:\/\/twitter.com\/WindowsRep\"],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/windowsreport.com\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/windowsreport.com\/wp-content\/uploads\/2020\/05\/windowsreport-logo-quantcast.png\",\"width\":170,\"height\":28,\"caption\":\"WindowsReport\"},\"image\":{\"@id\":\"https:\/\/windowsreport.com\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/windowsreport.com\/#website\",\"url\":\"https:\/\/windowsreport.com\/\",\"name\":\"Windows Report\",\"description\":\"Time-saving software and hardware expertise that helped 500MM+ PC users. Guiding you with how-to advice, news and tips to upgrade your tech life.\",\"publisher\":{\"@id\":\"https:\/\/windowsreport.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":\"https:\/\/windowsreport.com\/?s={search_term_string}\",\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/windowsreport.com\/hackers-are-using-the-raspberry-robin-worm-to-attack-your-device\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/windowsreport.com\/wp-content\/uploads\/2024\/04\/Malware-on-a-system.jpg\",\"width\":1920,\"height\":1280,\"caption\":\"Raspberry Robin Windows worm seen through AI\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/windowsreport.com\/hackers-are-using-the-raspberry-robin-worm-to-attack-your-device\/#webpage\",\"url\":\"https:\/\/windowsreport.com\/hackers-are-using-the-raspberry-robin-worm-to-attack-your-device\/\",\"name\":\"Hackers are using Windows script files to spread the Raspberry Robin and steal data\",\"isPartOf\":{\"@id\":\"https:\/\/windowsreport.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/windowsreport.com\/hackers-are-using-the-raspberry-robin-worm-to-attack-your-device\/#primaryimage\"},\"datePublished\":\"2024-04-11T11:32:41+00:00\",\"dateModified\":\"2024-04-12T04:18:16+00:00\",\"description\":\"Threat actors use Windows script files infected with the Raspberry Robin worm to attack your network and inflict malware on devices.\",\"breadcrumb\":{\"@id\":\"https:\/\/windowsreport.com\/hackers-are-using-the-raspberry-robin-worm-to-attack-your-device\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/windowsreport.com\/hackers-are-using-the-raspberry-robin-worm-to-attack-your-device\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/windowsreport.com\/hackers-are-using-the-raspberry-robin-worm-to-attack-your-device\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"item\":{\"@type\":\"WebPage\",\"@id\":\"https:\/\/windowsreport.com\/category\/news\/\",\"url\":\"https:\/\/windowsreport.com\/category\/news\/\",\"name\":\"News\"}},{\"@type\":\"ListItem\",\"position\":2,\"item\":{\"@type\":\"WebPage\",\"@id\":\"https:\/\/windowsreport.com\/hackers-are-using-the-raspberry-robin-worm-to-attack-your-device\/\",\"url\":\"https:\/\/windowsreport.com\/hackers-are-using-the-raspberry-robin-worm-to-attack-your-device\/\",\"name\":\"Hackers are using Windows script files to spread the Raspberry Robin and steal data\"}}]},{\"@type\":\"NewsArticle\",\"@id\":\"https:\/\/windowsreport.com\/hackers-are-using-the-raspberry-robin-worm-to-attack-your-device\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/windowsreport.com\/hackers-are-using-the-raspberry-robin-worm-to-attack-your-device\/#webpage\"},\"author\":{\"@id\":\"https:\/\/windowsreport.com\/#\/schema\/person\/70a35fc894d930ec4eaa0b6b1fee62dc\"},\"headline\":\"Hackers are using Windows script files to spread the Raspberry Robin and steal data\",\"datePublished\":\"2024-04-11T11:32:41+00:00\",\"dateModified\":\"2024-04-12T04:18:16+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/windowsreport.com\/hackers-are-using-the-raspberry-robin-worm-to-attack-your-device\/#webpage\"},\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/windowsreport.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/windowsreport.com\/hackers-are-using-the-raspberry-robin-worm-to-attack-your-device\/#primaryimage\"},\"keywords\":\"Cybersecurity,malware,virus\",\"articleSection\":\"News\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/windowsreport.com\/hackers-are-using-the-raspberry-robin-worm-to-attack-your-device\/#respond\"]}],\"copyrightYear\":\"2024\",\"copyrightHolder\":{\"@id\":\"https:\/\/windowsreport.com\/#organization\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/windowsreport.com\/#\/schema\/person\/70a35fc894d930ec4eaa0b6b1fee62dc\",\"name\":\"Sebastian Filipoiu\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/windowsreport.com\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/425de9c4309684a2ddb9182704bd1f92?s=96&d=https%3A%2F%2Fwindowsreport.com%2Fwp-content%2Fuploads%2F2024%2F01%2Fwricon.png&r=g\",\"caption\":\"Sebastian Filipoiu\"},\"description\":\"Sebastian is a content writer with a desire to learn everything new about AI and gaming. So, he spends his time writing prompts on various LLMs to understand them better. Additionally, Sebastian has experience fixing performance-related problems in video games and knows his way around Windows. Also, he is interested in anything related to quantum technology and becomes a research freak when he wants to learn more.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/sebastian-gabriel-filipoiu\/\"]}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","_links":{"self":[{"href":"https:\/\/windowsreport.com\/wp-json\/wp\/v2\/posts\/1344044"}],"collection":[{"href":"https:\/\/windowsreport.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/windowsreport.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/windowsreport.com\/wp-json\/wp\/v2\/users\/2297"}],"replies":[{"embeddable":true,"href":"https:\/\/windowsreport.com\/wp-json\/wp\/v2\/comments?post=1344044"}],"version-history":[{"count":5,"href":"https:\/\/windowsreport.com\/wp-json\/wp\/v2\/posts\/1344044\/revisions"}],"predecessor-version":[{"id":1344229,"href":"https:\/\/windowsreport.com\/wp-json\/wp\/v2\/posts\/1344044\/revisions\/1344229"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/windowsreport.com\/wp-json\/wp\/v2\/media\/1344104"}],"wp:attachment":[{"href":"https:\/\/windowsreport.com\/wp-json\/wp\/v2\/media?parent=1344044"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/windowsreport.com\/wp-json\/wp\/v2\/categories?post=1344044"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/windowsreport.com\/wp-json\/wp\/v2\/tags?post=1344044"},{"taxonomy":"work","embeddable":true,"href":"https:\/\/windowsreport.com\/wp-json\/wp\/v2\/work?post=1344044"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}