๐ New Backdoor Trojan Spreads Through RDP Brute-Force Attacks
๐ก Newskategorie: IT Security
๐ Quelle: news.softpedia.com
A new malware family called Trojan.sysscan has the potential to wreak havoc in enterprise networks that feature poorly protected RDP servers. Discovered by security firm Guardicore, attackers utilize this malware as a backdoor trojan, collecting data from compromised hosts, and exfiltrating it to an attacker's remote server. Attacker infects systems after RDP brute-force attacks Targeted systems are infected after the attacker scans the Internet for open RDP ports, which he brute-forces using common username and password combinations. Poorly secured servers are the optimal targets, and because RDP servers are commonly found in medium-to-large enterprise networks, companies have the most to fear from this new threat. According to Guardicore, this new trojan is coded in the Delphi programming language and comes with support for dumping passwords from loca... ...