Will researchers discover the purpose of Raspberry Robin by 2022-08-17?
7
5
101
resolved Aug 26
Resolved
YES
https://www.lifewire.com/mysterious-new-windows-malware-continues-to-vex-researchers-5271614 > Cybersecurity researchers from Red Canary recently discovered a new worm-like malware they’ve dubbed Raspberry Robin, which spreads via infected USB drives. While they’ve been able to observe and study the working of the malware, they haven’t yet been able to figure out its ultimate purpose. Small print: I won't trade in this market.
Get Ṁ600 play money

🏅 Top traders

#NameTotal profit
1Ṁ12
2Ṁ12
3Ṁ4
Sort by:

In the original article from lifewire, there was uncertainty about whether the devices are being compromised for DDoS, mining crypto, ransomware, or something else. The article doesn't mention it, but it also appears that nobody knew who was behind the malware.

In the recent article from bleepingcomputer, we see that the malware is being used to download FakeUpdates malware leading to "follow-on actions resembling DEV-0243 pre-ransomware behavior". DEV-0243 is linked to "Evil Corp" cybercrime group. It seems further likely that this is an attempt to evade OFAC sanctions imposed for using Dridex.

The original source from Microsoft is here: https://www.microsoft.com/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/

My judgment is that this counts as "discovery of the purpose" of the malware. Resolving YES.

I could resolve this to PROB if researchers have a partial understanding.

Nothing in the news about this since those first reports.
bought Ṁ10 of YES
sounds like they're hard at work
@ian yeah, but normally I don't think it takes this long to figure it out.