RobbinHood

Malware Profile Updated 2 months ago
RobbinHood is a type of malicious software, or malware, that infiltrates victims' networks with the primary objective of holding data hostage for ransom. The infection process often involves phishing schemes, Remote Desktop Protocol (RDP) attacks, or other Trojans. Notably, RobbinHood has been known to exploit CVE-2018-19320, a vulnerability in Gigabyte's kernel driver. Once it gains access to a system, it encrypts the user's files and demands a ransom, typically ranging from 3 to 13 bitcoin, to decrypt the data.

The city of Baltimore experienced a significant incident involving RobbinHood malware. In a press conference, the Chief Information Officer (CIO) confirmed that the city was dealing with an aggressive ransomware attack from this specific malware variant. According to the FBI, RobbinHood was a relatively new strain at the time of the attack, adding an extra layer of complexity to the city's response efforts.

The RobbinHood malware represents a significant threat due to its ability to bypass security measures and encrypt critical data. Its use of advanced infiltration techniques, including exploiting known vulnerabilities and leveraging common methods like phishing, makes it especially dangerous. The experience of Baltimore underlines the potential severity of such an attack, emphasizing the importance of robust cybersecurity measures, regular system updates, and user education about potential threats.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Vulnerability
Bitcoin
Ransomware
Ransom
Phishing
Malware
Associated Malware
No associations to display
Associated Threat Actors
No associations to display
Associated Vulnerabilities
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| CVE-2018-19320 | Unspecified | 1 | None |
Source Document References
Information about the RobbinHood Malware was read from the documents corpus below.
| Source | Created At | Title |
|---|---|---|
| CERT-EU | 6 months ago | The city of Baltimore, victim of RobbinHood ransomware |
| CERT-EU | 6 months ago | Examples of Past and Current Attacks \| #ransomware \| #cybercrime \| National Cyber Security Consulting |