Cyber Threat Actors That Exploit RDP

By Jyoti Upadhyay March 14, 2022

Cyber actors can infiltrate the connection between the machines and inject malware or ransomware into the remote system.

EXAMPLES OF THREATS

#1. CrySiS Ransomware
#2. CryptON Ransomware
#3. Samsam Ransomware
#4. Dark Web Exchange

CrySiS Ransomware

CrySiS targets systems through open RDP ports, using both brute-force and dictionary attacks to gain unauthorized remote access. The threat actors demand payment in Bitcoin in exchange for a decryption key.

CryptON Ransomware

CryptON ransomware uses brute-force attacks to gain access to RDP sessions. The cyber actors typically request Bitcoin in exchange for decryption instructions.

Dark Web Exchange

Threat actors buy and sell stolen RDP login credentials on the Dark Web.

Samsam Ransomware

Samsam ransomware uses a wide range of exploits, including brute-force attacks against RDP-enabled machines.

SUGGESTIONS FOR PROTECTION

Audit your network for systems using RDP for remote communication.
Verify all cloud-based virtual machine instances.
Enable strong passwords and account lockout policies to defend against brute-force attacks.
Apply two-factor authentication, where possible.
Apply system and software updates regularly.
Maintain a good back-up strategy.
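As an added illustration of the audit and lockout advice above (example code, not part of the original post): a small Python detector that flags source addresses with repeated failed RDP logons. The simplified log line format, the IP addresses, and the threshold and window values are assumptions; Event ID 4625 is the Windows failed-logon event and Logon Type 10 is RemoteInteractive (RDP).

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: simplified Windows Security log lines for Event ID 4625
# (failed logon). LogonType 10 = RemoteInteractive, i.e. an RDP session attempt.
SAMPLE_LOG = """\
2022-03-14T02:00:01 EventID=4625 LogonType=10 Account=administrator SourceIP=203.0.113.7
2022-03-14T02:00:03 EventID=4625 LogonType=10 Account=admin SourceIP=203.0.113.7
2022-03-14T02:00:04 EventID=4625 LogonType=10 Account=backup SourceIP=203.0.113.7
2022-03-14T02:00:06 EventID=4625 LogonType=10 Account=administrator SourceIP=203.0.113.7
2022-03-14T02:00:09 EventID=4625 LogonType=10 Account=test SourceIP=203.0.113.7
2022-03-14T02:00:12 EventID=4625 LogonType=10 Account=administrator SourceIP=203.0.113.7
2022-03-14T02:15:00 EventID=4625 LogonType=2 Account=jsmith SourceIP=-
2022-03-14T03:30:00 EventID=4625 LogonType=10 Account=jsmith SourceIP=198.51.100.20
2022-03-14T03:31:00 EventID=4624 LogonType=10 Account=jsmith SourceIP=198.51.100.20
"""

# Assumed line layout for this constructed sample (real exports differ).
LINE_RE = re.compile(
    r"^(?P<ts>\S+) EventID=(?P<eid>\d+) LogonType=(?P<lt>\d+) "
    r"Account=(?P<acct>\S+) SourceIP=(?P<ip>\S+)$"
)

def parse(log_text):
    """Yield one dict per well-formed line; malformed lines are skipped."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield {**m.groupdict(), "ts": datetime.fromisoformat(m["ts"])}

def rdp_bruteforce_sources(log_text, threshold=5, window=timedelta(minutes=5)):
    """Return {ip: total failures} for IPs with >= threshold failed RDP logons in a sliding window."""
    failures = defaultdict(list)
    for ev in parse(log_text):
        if ev["eid"] == "4625" and ev["lt"] == "10" and ev["ip"] != "-":
            failures[ev["ip"]].append(ev["ts"])
    flagged = {}
    for ip, times in failures.items():
        times.sort()
        start = 0
        for end, t in enumerate(times):
            while t - times[start] > window:   # slide the window start forward
                start += 1
            if end - start + 1 >= threshold:
                flagged[ip] = len(times)
                break
    return flagged

if __name__ == "__main__":
    print(rdp_bruteforce_sources(SAMPLE_LOG))   # {'203.0.113.7': 6}
```

A flagged address is a candidate for blocking at the perimeter or for checking against the account lockout policy; the local (LogonType 2) failure and the single remote failure are correctly ignored.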