For $ 10, you can get RDP access on the darknet!
Security researchers at the McAfee advanced threat research ( ATR ) team analyzed the black-market sales of RDP access across a broad range of industries, and the prices were too low to be imagined.
Although we all know that some of the stolen data, along with broken systems, devices and more information, are often sold in the dark web.
But, you know, in the dark web, there are stores that specialize in selling certain rights, like RDP stores.
According to the survey, for $ 10, you can buy an RDP access to an airport security system on the dark web.
But if you give you $ 10, what can you do?
Photo #1 from Nanjing City, PRC by tkk1234 made on 2018-07-22 10:55 for Sola
Emmmmm.
You can buy a movie ticket or a double burger combo, or take a taxi from China to zhongguancun.
Maybe that's why we're not like hackers, because they can not only do that, but they might also buy RDP access for various organizations.
Security researchers at McAfee tell us that $ 10 is enough to allow hackers to buy weapons on the dark web, hack into the airport's remote control system, to send spam, create false security alerts, steal data and credentials, and use servers to mine.
Recently, security researchers at McAfee analyzed a wave of RDP access in a variety of industries on the black market. they went through several dark web stores offering such services, according to the foreign media securityreport.
As you can see, the largest dark web store is called " UAS " ( ateservice ), which literally translates as " the ultimate anonymous Service, " which comes from Russia, which provides more than 40,000 RDP access across a wide range of industries.
At number two is BlackPass, a store that, like a grocery store, has more than 10,000 RDP rights, but is more versatile and offers other kinds of weapons to hackers.
At number three is a store called flyby, while the old four xDedic is only 1000, but it was discovered by kksky's experts in June 2016.
Based on the data currently available, xDedic is open in 2014 and is growing rapidly in the middle of 2015.
XDedic can provide services to everyone, from entry-level cybercriminals to APT organizations to get the information they want in the underground black market, making it much faster and more convenient for people to enter the legalised server. xDedic is primarily a server.
Why is it that darknet merchants are starting to do RDP rights?
Because the tool is cheap for hackers.
In the hacker community, the tool is becoming more popular, especially with the ability to distribute malicious software, such as the infamous SamSam ransomware, which is distributed through the tool.
What's more, the tools are so cheap that, according to McAfee's security researchers, some of the high value networks ' RDP rights are sold for less than $ 1 on the dark web, and when the hackers buy them, sometimes they just silently scan the important information and then quietly move on.
Currently, black market vendors offer RDP access to a wide variety of systems, ranging from Windows XP to Windows 10, with Windows 2008 and 2012 Server being the most popular, with 11000 and 6500 for sale, respectively.
The RDP accesses different prices for different permissions, such as the lowest common access limit of $ 3, and $ 19 for administrator access.
Security researchers have found that remote access to critical infrastructure is being sold, and that access can be very dangerous, given what happens if hackers can control the entire airport's building controls and camera controls.
What's more striking to the researchers is that, using these rights, they can also access the airport's automated traffic system via the relevant accounts, directly connecting to the terminal's passenger transport system. what is the consequence?
The services provided by the UAS Shop and BlackPass are features of hundreds of identical equipment systems associated with the Dutch municipalities, housing associations and medical institutions, which are important targets for hackers.
When analyzing the UAS store, the researchers found that the recently added Windows Server2008 R2 standard machine was only $ 10, located in a major international airport in the United States.
The sellers offer three different permissions, including user accounts, administrator accounts, and third-party company accounts, including a company that specializes in airport security and building automation, as well as another company that specializes in camera monitoring and video analysis for airports.
Now that many attackers are increasingly using RDP permissions to spread malware, we now know that ransomware, like SamSam, can actually use the RDP authority to sell on the dark web to enable attacks, and to get potentially high-value ransomware victims at low prices.
We found that we could buy systems related to major international airports for as little as $ 10.
Many RDP are sold for less than $ 1. in other words, hackers don't need to pay a high price for a zero-day exploit, nor do they need to carefully design phishing or puddle attacks to buy remote control systems.
As security incidents broke out, the industry became a passive focus on safety.
The blockchain, as the emerging hot technology, is of course not a problem.
The explosive blockchain gives people infinite fantasy, and while many people think about the benefits of blockchain, one of its problems raises concerns about security.
A recent 360 discovery of a high-risk vulnerability in the blockchain, which controls all the nodes on the system, reveals the " one-line code, " " a single token, a vulnerability, a vulnerability to a type of smart contract, " which is an exaggeration, but the technology needs to be fully integrated into the blockchain's overall ecosystem security solution.
Governments and organizations spend billions of dollars a year to protect our trusted computer systems.
But even the most advanced solutions can not provide security at the back door or with simple protection.
Therefore, safety issues need to be taken seriously and need to be improved and perfected.
At the very least, the emergence of blockchains is a way to strengthen existing security solutions in the security industry.