Red Canary intelligence analysts have discovered a new Windows malware with worm capabilities that spreads using external USB drives.
This malware is linked to a cluster of
malicious activity dubbed Raspberry Robin and was first observed in September 2021.
Red Canary's Detection Engineering team detected the worm in multiple customers' networks, some in the technology and manufacturing sectors.
Raspberry Robin spreads to new Windows systems when an infected USB drive containing a malicious .LNK file is connected.
Raspberry Robin malware returns with early access to Windows exploits
Raspberry Robin Returns: New Malware Campaign Spreading Through WSF Files
Microsoft finds Raspberry Robin worm in hundreds of Windows networks