
Ransomware spreads through weak remote desktop credentials

Discussion in 'CSO' started by RSS, Sep 30, 2016.

  1. RSS


    Stolen or weak remote desktop credentials are routinely used to infect point-of-sale systems with malware, but recently they've also become a common distribution method for file-encrypting ransomware.

    In March, researchers discovered a ransomware program dubbed Surprise that was being installed through stolen credentials for TeamViewer, a popular remote administration tool. But the trend had started long before that, with some ransomware variants being distributed through brute-force password guessing attacks against Remote Desktop Protocol (RDP) servers since 2015.

    While this method of infection was initially used by relatively obscure ransomware programs, recently it has been adopted by an increasing number of cybercriminals, including those behind widespread ransomware programs such as Crysis.
