Microsoft experts linked the Raspberry Robin malware to Evil Corp operation


In order to connect to domains connected to QNAP and download a malicious DLL, the malicious malware makes use of Windows Installer. TOR exit nodes are used by the malware as a backup C2 infrastructure.

The malware, known as Raspberry Robin, started to target businesses in the manufacturing and technology sectors in September 2021, according to analysts. Usually, infected USB devices or portable discs provide the first point of access. Read More…