Hackers are using this little-known file type to drop nasty Windows worms on vulnerable PCs.

Hackers are constantly changing their modus operandi to avoid detection, and now it appears they are resurrecting the Windows worm to infect vulnerable PCs with other malware and ransomware.

Raspberry Robin, identified in 2021, was first used by hackers to target technology and manufacturing companies. However, instead of spreading this malware online, they used USB drives sent to targeted organizations. While random USB drives should never be plugged into computers, some employees unknowingly plugged them in and the entire company network was infected.

Now, according to a new report from HP Wolf Security, Raspberry Robin is back in action, but this time the hackers are using a little-known Windows file type for distribution. If you're using one of the best Windows laptops out there, or even a PC of your own making, here's everything you need to know about this nasty Windows worm.

Hackers are launching a new campaign to distribute Raspberry Robin using Windows script files (WSFs) instead of USB flash drives.

These scripts, for those unfamiliar with them, are often used by IT administrators and legitimate software to automate tasks within Windows. However, like many tools, they can be exploited by hackers and other cybercriminals.

In this latest campaign, the perpetrators are using many different domains and subdomains to distribute these malicious files. According to The Hacker News, it is not entirely clear how they are directing potential victims to these specific sites. However, researchers at HP Wolf Security believe that spamming and malvertising may be the hackers' modus operandi.

These WSF files are fairly obfuscated, making it difficult for the best antivirus software and other security tools to identify them as dangerous. In fact, the malware tracking site VirusTotal has yet to classify them as malicious.

What makes Raspberry Robin so dangerous is that this malware is frequently used to deliver other malware such as SocGholish, Cobalt Strike, IcedID, BumbleBee, and Truebot to infected PCs. This malware is a precursor to more serious malware infections and can steal passwords and other sensitive or financial data from computers. Similarly, Raspberry Robin can be used to infect your computer and other computers on the same network with ransomware.

Just as with smartphones, you want to be very careful when using a PC and downloading new files online. As a general rule of thumb, it is best to stick to known brands and websites when downloading anything.

Raspberry Robin can be spread through spam emails, so avoid clicking on links or downloading attachments in emails from unknown senders. Even then, hackers could compromise the email account of someone you know and use that email address for future attacks. For this reason, you should avoid downloading anything from an email unless you have antivirus software installed.

Fortunately, Windows computers come with Windows Defender preinstalled, and this built-in antivirus software has become much more capable of fighting off malware infections and other attacks in recent years. However, if you still want to be more secure, it may be worth upgrading to paid antivirus software or signing up for the best identity theft protection available.

To mount a successful attack, hackers are always coming up with new ways to avoid detection. Therefore, you should be cautious online and think twice before downloading anything.
