An investigation has uncovered nearly 200 command-and-control domains associated with Raspberry Robin, a sophisticated malware that started in 2019. Known for its role as an initial access broker for various criminal groups, including those linked to Russia, Raspberry Robin has integrated multiple malware strains. New distribution methods such as using Discord attachments for delivery, along with a USB-based propagation mechanism, have been identified. The FBI has also reported Ryeberry Robin's connection with Russian state actors, increasing its importance in cybersecurity discussions.
A new investigation reveals nearly 200 unique command-and-control (C2) domains linked to Raspberry Robin, a malware acting as an initial access broker for criminal entities.
Raspberry Robin has evolved since 2019, facilitating various malware attacks and utilizing complex methods like USB propagation and Discord for distribution.
Collection
[
|
...
]