
What Is RDPPatcher?

Cyber attacks are far more common now than they were a few years ago, which has security researchers concerned. Experts are warning about a new major threat, dubbed RDPPatcher. It appears criminals use it to sell remote access to hacked computers as a way to earn a lot of money through darknet marketplaces. It is high time we take a look at what RDPPatcher is exactly.

RDPPatcher Is A Big Problem

Criminals are installing malware through Remote Desktop Protocol (RDP) connections. Thousands of infection attempts are recorded every single day, which is of particular concern to security experts. Considering how quite a few enterprises rely on Remote Desktop Protocol connections, this technology can leave millions of computers vulnerable to attack.

To make matters worse, it appears criminals have started to use these remote connections as a way to provide others with access to vulnerable computer systems. To be more precise, the new wave of RDP attacks aims to sniff out point of sale terminals and ATMs, indicating RDPPatcher is a major threat to the banking sector. Attacking these terminals and ATMs can be done over the internet in an anonymous manner, making them high-value targets for hackers.

One of the most recent RDPPatcher attacks took place in January 2017, although it is believed the attack was initiated two months prior. Criminals obtained the correct credentials to infiltrate a bank network by using a brute force attack. Once they gained entry to the internal system, they initiated a malware distribution, which was eventually blocked by Adaptive Defense. Despite modifications made to the malware being injected, the bank’s security software successfully thwarted further attacks.

As one would expect from a malicious tool such as RDPPatcher, it is designed to gather as much information about the infected device as possible. The developers collect this information, which is transmitted to a command and control server. It also determines which antivirus solution is present on the computer, yet does not try to turn it off by any means. Unfortunately, this is only a glimpse of what this malicious tool is capable of.  

What is of real concern about the RDPPatcher process is how the information gathered is used as an advertisement tool. Criminals will advertise that they have access to this specific device on various darknet forums, in the hope that someone will pay them to abuse the infected system. Since no credential or data theft takes place while RDPPatcher gathers its information, this unauthorized access will not be detected anytime soon.

When criminals provide remote access to vulnerable systems as a service, things are evolving in the wrong direction. Unfortunately, it is virtually impossible for security companies to do anything about RDPPatcher in its current state, as very little is known about the tool itself. Anyone who successfully infiltrates a system can make a lot of money from “reselling” the login credentials to a more sophisticated hacker group. A very troublesome development, that much is certain.


JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.
