What Is RDPPatcher?

Cyber attacks are far more common now than they were a few years ago, which has security researchers concerned. Experts are warning about a new major threat, dubbed RDPPatcher. In fact, it appears criminals use this method of selling remote access to hacked computers as a way to earn a lot of money through darknet marketplaces. It is high time we took a look at what exactly RDPPatcher is.

RDPPatcher Is A Big Problem

Criminals are installing malware through Remote Desktop Protocol (RDP) connections. Thousands of infection attempts are recorded every single day, which is of particular concern to security experts. Considering how many enterprises rely on Remote Desktop Protocol connections, this technology can leave millions of computers vulnerable to attack.

To make matters worse, it appears criminals have started to use these remote connections as a way to provide others with access to vulnerable computer systems. To be more precise, the new wave of RDP attacks aims to sniff out point of sale terminals and ATMs, indicating RDPPatcher is a major threat to the banking sector. Attacking these terminals and ATMs can be done over the internet in an anonymous manner, making them high-value targets for hackers.

One of the most recent RDPPatcher attacks took place in January 2017, albeit it is believed the attack was initiated two months prior. Criminals obtained the correct credentials to infiltrate a bank network by using a brute force attack. Once they gained entry to the internal system, they initiated a malware distribution, which was eventually blocked by Adaptive Defense. Despite modifications made to the malware being injected, the bank’s security software successfully thwarted further attacks.

As one would expect from a malicious tool such as RDPPatcher, it is designed to gather as much information about the infected device as possible. The developers collect this information, which is transmitted to a command and control server. It also determines which antivirus solution is present on the computer, yet does not try to turn it off by any means. Unfortunately, this is only a glimpse of what this malicious tool is capable of.  

What is of real concern about the RDPPatcher process is how the information gathered is used as an advertisement tool. Criminals will advertise that they have access to this specific device on various darknet forums, in the hope that someone will pay them to abuse the infected system. Since no credential or data theft takes place while RDPPatcher gathers its information, this unauthorized access will not be detected anytime soon.

When criminals provide remote access to vulnerable systems as a service, things are evolving in the wrong direction. Unfortunately, it is virtually impossible for security companies to do anything about RDPPatcher in its current state, as very little is known about the tool itself. Anyone who successfully infiltrates a system can make a lot of money from “reselling” the login credentials to a more sophisticated hacker group. A very troublesome development, that much is certain.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.
