Several updates have been introduced to the Raspberry Robin malware, also known as QNAP worm, including its usage of two new exploits for one-day vulnerabilities, tracked as CVE-2023-36802 and CVE-2023-29360, reports The Hacker News. Both exploits may have been purchased by Raspberry Robin operators Storm-0856 due to the lack of obfuscation relative to the core module of the malware and their utilization as an external 64-bit executable, according to a Check Point report.
Source: SC Magazine