all InfoSec news
Raspberry Robin, Not a Juicy Raspberry You Love
Malware Analysis, News and Indicators - Latest topics malware.news
Fast facts
Raspberry Robin, previously disseminated through USB drives, now employs Discord for distribution.
The utilization of Raspberry Robin has been observed dropping a variety of payloads, including ransomware and stealers, such as CLOP.
Tools like RunDLL32 and Shell32.dll are abused for living off the land for proxy execution of malicious CPL files
Raspberry Robin, also known as the QNAP worm, is attributed to a threat actor dubbed DEV-0856.
Swachchhanda Shrawan Poudel
Security Research
Download reportShare This Story
In …
clop cpl discord distribution dll drives facts fast living off the land love malicious payloads proxy ransomware raspberry raspberry robin robin rundll32 stealers tools usb usb drives