Tag: bumblebee
Raspberry Robin attacks via Windows
Raspberry Robin, a tough-to-detect worm carrying malware and ransomware, is now being delivered via Windows Shortcut Files and Windows Script Files. Researchers at Hewlett Packard (HP) first began to identify the new trend in March of this year. Previously, Raspberry Robin was delivered physically by inserting a weaponized USB stick into a targeted device. But now, this highly effective malware is being delivered via Windows Script Files (WSF), which are widely used by administrators and legitimate software to automate tasks within Windows. The WSF file format supports scripting languages, such as JScript and VBScript, that are interpreted by the Windows Script Host component built into the Windows operating system. It can, however, also be abused by attackers. The Windows Script Files are offered for download via various malicious domains and subdomains controlled by the attackers, which can be distributed via spam or fake online advertising campaigns.
BlackCat gang wields new weapon to target cloud storage – September 18th
The BlackCat ransomware gang is now using the Sphynx encryptor to target Azure cloud storage. The Spynx variant was discovered in March this year in an investigation of a data breach that shared similarities with another attack described in an IBM-Xforce report. BlackCat continues to be one of the most high-profile, sophisticated threat actor groups, owing to the gang's ability to continuously refine and adapt its tactics.