Rdp shop sells rdp access for a price of only 10 dollars within the dark web

Black markets within the Dark Web include not only drugs, but it's a massive hidden network where you can buy pretty much everything you can think of related to illegal content. Now a case of RDP access sale by RDP Shop comes to light.

RDP Shop sells RDP access for a price of just $ 10

RDP Shop is a sales platform within the Dark Web from where anyone can buy RDP (remote desktop protocol) access to thousands of hacked machines for a small fee. Security researchers from the McAfee Advanced Threat Research team discovered that someone is selling remote access, linked to security systems at a major international airport for as little as $ 10.

We recommend reading our post on How to activate automatic software updates in iOS 12

The researchers used the Shodan search engine to find the correct IP address of the hacked Windows Server machine, whose administrator account was for sale. When investigators reached their login screen via Windows RDP, they found two more user accounts, which were associated with two companies specializing in airport security, one in security and building automation, and the other in camera surveillance. and video analysis.

Black market vendors generally gain access to RDP credentials, simply by scanning the internet for systems that accept RDP connections, and then launch brute force attacks with popular tools like Hydra, NLBrute, or RDP Forcer to gain access.

As a solution, organizations should consider taking RDP security measures including disabling access to RDP connections over the open Internet, using complex passwords, and two-factor authentication to make brute-force attacks more difficult to achieve, and block users and block IP addresses that have too many failed login attempts.

Thehackernews font