Dubbed Raspberry Robin, the virus spreads offline on PCs using an infected USB device.
A new virus is currently spreading to Windows PCs. This can spread offline via USB sticks and then settles in the system. He also has worm-like abilities. This means it can replicate itself and thereby multiply in the network.
These findings come from a report by the security company Red Canary (via Bleeping Computer
Raspberry Robincalled.
In the meantime, we will discuss in this article whether such a virus could also damage your hardware:
Danger for the PC:
Can programs and viruses destroy your hardware?
This is how the worm-like virus works
When an already infected USB hard drive or stick is plugged into a Windows PC, it runs a cmd.exe. It then tries to contact a command and control server using the standard Microsoft installer. As the name suggests, this is intended to use certain commands to control aspects of the infected PC.
In addition, the researchers at Red Canary assume that Raspberry Robin also installs a malicious DLL file on the PC. The scientists suspect that this is intended to fix the virus on the computer for a longer period of time so that it is not deleted directly when the PC is restarted.
According to Bleeping Computer, it installs this DLL using two legitimate Windows programs: fodhelper
and odbcconf
. The former bypasses User Account Control (UAC) while the latter executes and configures the file. This flowchart from Red Canary shows the virus infection process:
This is how infection by the virus works. Source: Red Canary
The target of the novel virus is unclear
Although the security company’s researchers have already found out a lot about the virus, some points are still unclear. For example, they don’t yet know how the USB devices get infected with the virus in the first place. One of the researchers said:
First of all, we don’t know how or where Raspberry Robin infects external drives to maintain its activity because it’s likely to happen offline or out of our visibility.
In addition, it is currently still unclear what the aim of the malware is or what the creators of the virus intend to do with it. So far, the computer virus has mainly been found in companies in the technology and manufacturing sectors.
Already in 2018 there was another virus that was spread via Whatsapp. However, this turned out to be a hoax:
Whatsapp virus “Martinelli” – according to the Spanish police a fake
Have you ever caught a virus on your PC? Did it leave permanent damage? Please let us know.
