Microsoft warns that a high-risk worm is spreading
Microsoft has issued a warning that a high-risk worm is infecting hundreds of Windows enterprise networks.
The virus, known as Raspberry Robin, is able to spread via infected USB devices, such as USB sticks.
When a USB device is infected, a.lnk file is generated, and once the user clicks on this file, Raspberry Robin automatically creates an msiexec.exe process and launches another malicious file.
It then communicates with the control server via a short URL command, and upon successful connection begins downloading other malicious.dll files and connecting to TOR nodes.
The worm has been found in hundreds of Windows networks across multiple departments, Microsoft said.
The good news, though, is that while Raspberry Robins have infected a large number of machines so far, they haven't done anything to threaten users or exploit vulnerabilities to gain access to sensitive information or deploy ransomware.
At this stage, Microsoft does not know which hacking group is responsible for the worm or what the purpose of the group is, but it is still marking it as a high-risk activity because of the potential threat.