Author Topic: New Ransomware now Infects Computers via Windows Remote Desktop Services  (Read 182 times)

0 Members and 1 Guest are viewing this topic.

Offline legendguru

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 595
    • View Profile

A new strain of ransomware is using the Windows built-in Remote Desktop Services or Terminal Services to infect computers, encrypt files, and then demand a ransom of 4 Bitcoin (~$1,000).

The ransomware was first seen for users in Bulgaria and Greece, a few of whom asked for help online, on the Bleeping Computer tech forums. Malware researcher Nathan Scott took a closer look at this new ransomware family and found some interesting things.

Attackers are brute-forcing passwords on PCs running Remote Desktop Services

According to his findings, the attackers are manually installing the ransomware on all infected devices by brute-forcing user account passwords on machines that have left Remote Desktop or Terminal Services connections open.

Once they manage to get a foothold on infected systems, the attackers run the ransomware executable, which first maps all local and network drives.


New York Police Department equip force with Windows Phones to fight crime

Started by admin

Replies: 0
Views: 248
Last post August 14, 2015, 08:26:30 PM
by admin
Microsoft Update Windows 10 Start Menu with Subtle Tweaks features

Started by admin

Replies: 0
Views: 200
Last post October 13, 2015, 11:51:56 AM
by admin
Microsoft suggest Windows Phones with 3D Displays in future production

Started by internet police

Replies: 0
Views: 182
Last post July 02, 2015, 11:13:31 AM
by internet police
Mozilla firefox CEO blast Microsoft over Windows 10 browser defaults

Started by mastercode

Replies: 0
Views: 327
Last post August 03, 2015, 07:32:40 AM
by mastercode
Microsoft Set to Launch New Windows 10 Mobile Build This Week to fix More bugs

Started by legendguru

Replies: 0
Views: 168
Last post October 12, 2015, 11:03:29 AM
by legendguru