Oo De Lally! RobinHood Ransomware Returns…


February 11, 2020

This version of RobinHood doesn’t steal from the rich and give to the poor. He just ruins your day. If you don’t believe me, just ask the City of Baltimore, which was legitimately ROCKED last year when it infected their systems and cost the Crab Cake Capital of the World (honestly, they call themselves that) $18.2 million.

That’s a whole lot of crab cakes.

How does RobinHood work?

Well, it’s not with a band of merry men. This lovely piece of code allows attackers to undermine kernel memory in Windows 7, 8 and 10 to bypass endpoint protection software and encrypt files.

The ransomware acts as a wedge and gives them the ability to load a second, unsigned driver into Windows. This driver obliterates the endpoint’s security product (including processes and files) and allows the ransomware to run without being hindered.

How to defend against RobinHood?

It’s much easier to tell you what a piece of ransomware does than it is to tell you how to protect yourself against it.

First and foremost, keep your systems patched and updated. Any door you close will make you safer, though unfortunately it never seems like we’re able to keep them closed for long.

Second, just because RobinHood’s been leveraged to disable and destroy endpoint protection software doesn’t mean that type of software can’t detect and stop it in the first place.

Third, educate your end-users on topics like ransomware. The biggest vulnerability is an uneducated workforce that doesn’t know the danger or how to react when they see something they’re unsure of. An educated end-user could be your best and most effective means of defense.
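
One way a defender could alert on the sequence described under "How does RobinHood work?" (an unsigned driver load followed by the endpoint security product going down), as an added example that is not from the original post. The event format, host names, file paths and the `exampleav.exe` process name are all constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample telemetry (not from a real incident). The fields are
# simplified stand-ins for driver-load and process-exit events from an EDR/SIEM.
EVENTS = [
    {"time": "2020-01-01T09:00:01", "host": "ws-01", "type": "driver_load",
     "image": r"C:\Windows\System32\drivers\example_signed.sys", "signed": True},
    {"time": "2020-01-01T09:00:05", "host": "ws-01", "type": "driver_load",
     "image": r"C:\Users\Public\example_unsigned.sys", "signed": False},
    {"time": "2020-01-01T09:00:20", "host": "ws-01", "type": "process_exit",
     "image": r"C:\Program Files\ExampleAV\exampleav.exe"},
    {"time": "2020-01-01T09:30:00", "host": "ws-02", "type": "driver_load",
     "image": r"C:\Temp\other_unsigned.sys", "signed": False},
    {"time": "2020-01-01T11:00:00", "host": "ws-02", "type": "process_exit",
     "image": r"C:\Program Files\ExampleAV\exampleav.exe"},
]

# Hypothetical watch list: process names of the endpoint security product.
SECURITY_PROCESSES = {"exampleav.exe"}

def basename(path):
    """Return the lower-cased file name from a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()

def find_driver_then_av_kill(events, window=timedelta(minutes=5)):
    """Alert when an unsigned driver load is followed, on the same host and
    within `window`, by a watched security process exiting."""
    alerts = []
    unsigned_loads = {}  # host -> [(load time, driver path)]
    for ev in sorted(events, key=lambda e: e["time"]):
        ts = datetime.fromisoformat(ev["time"])
        host = ev["host"]
        if ev["type"] == "driver_load":
            # A missing signature field is treated as unsigned (fail closed).
            if not ev.get("signed", False):
                unsigned_loads.setdefault(host, []).append((ts, ev["image"]))
        elif ev["type"] == "process_exit" and basename(ev["image"]) in SECURITY_PROCESSES:
            for loaded_at, driver in unsigned_loads.get(host, []):
                if ts - loaded_at <= window:
                    alerts.append({"host": host, "driver": driver, "killed": ev["image"],
                                   "seconds": int((ts - loaded_at).total_seconds())})
    return alerts

if __name__ == "__main__":
    for alert in find_driver_then_av_kill(EVENTS):
        print(alert)
```

Security products also exit during upgrades and reboots, so a hit here is a lead to investigate alongside the driver's path and signer rather than a verdict.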


Carl Keyser is the Content Manager at Integris.
