Remote Desktop (RDP) Hacking 101: ESET

24th October 2013 | By Mouseworld Now Correspondent |

New Delhi, India, October 24, 2013: ESET, a global player in proactive protection for 25-years, have reported the increase in malware being installed via Remote Desktop Protocol (RDP). ESET warns that RDP can serve a variety of useful purposes, in the wrong hands it can be a remote control weapon that enables bad actors to zombify your computer and have it do their bidding.

How could this happen?

  • If your computer is “listening” for an RDP signal (typically over port TCP 3389), and it is connected to the Internet, it will respond when a remote user asks it if it’s alive. To the remote user, they will be presented with a login screen to your desktop, often without you noticing
  • If one’s computer have a poorly configured RDP setup, it may just let the remote user in.
  • If you have administrative privileges assigned to the user they login as, they can take your computer for an unfettered spin around the block, ranging from turning it off, rebooting it, installing software (including malware).

How to Stop this?

  • Disable RDP (Control Panel under System > Remote Settings > Remote Desktop (under Windows 7, other operating systems vary)
  • If you choose to allow connections, take some time to define who you think should be connecting using the ‘Select Users’ dialog box
  • Notice the user that you are logged in as already has access (blanked out, example: ______ has already has access). When remote attackers come calling this could pose problems for an unwitting user who is logged in as Administrator
  • Do not use the password which can be easily guessed, as an attacker will always look to gain elevated access quickly
  • An attacker attempts to encrypt files on the computer and extort money especially from credit card, which virtually guarantees further fraud – the whole thing could be simply avoided by disabling the service
  • Strong username and passwords is recommended, may be the combination of upper and lower case letters, numbers, and symbols.
  • If you need to use RDP and are more technically inclined you can change the port on which RDP “listens” for connections (the default port is 3389)
  • Stay alert for those “Windows support” people who phone and ask you to install special remote access software to allow them to “fix” your computer

Tags: , , , ,

Leave your comment

IMPORTANT! To be able to proceed, you need to solve the following simple math

What is 5 + 7 ?
Please leave these two fields as-is:

Mouseworldnow Videos
  • r chandrashekhar president nasscom
  • Anant Maheshwari, President, Microsoft India
  • Suresh_Vaswani-220 by 220

Channel News

  • Toshiba Sends its Storage Partners to Bali Under its Foreign Trip Scheme more...
  • Cloudera Awards Top APAC Partners at annual Partner Summit more...
  • Rashi Peripherals Bags Indywood IT Excellence Award more...
  • Rashi Peripherals Conducts Multi-City Enterprise Partner Meet more...
  • Second Edition of Annual 4.5G & 5G Innovation Summit concludes on a successful note more...
Subscribe via email

Enter your email address:

Follow us on Facebook
QUESTION HOUR
What does the mouse ask?

Will the spurt in online video advertisement steal the twinkle from the TV ad platform?

View Results

Loading ... Loading ...
Newsletter Registration