As reported earlier by Red Canary, compromised QNAP devices were used for command and control (C2) infrastructure for Raspberry Robin activity. HTTP requests that contain the victim’s user and device names are sent to the QNAP device, as well as hosting a malicious DLL that is downloaded and installed to the victim system. Image from Microsoft Security […]