
What Is RDPPatcher?

Cyber attacks are far more common now than they were a few years ago, which has security researchers concerned. Experts are warning about a new major threat, dubbed RDPPatcher. In fact, it appears criminals use this method of selling remote access to hacked computers as a way to earn a lot of money through darknet marketplaces. It is high time we take a look at what exactly RDPPatcher is.

RDPPatcher Is A Big Problem

Criminals are installing malware through the Remote Desktop Protocol (RDP). Thousands of infection attempts are recorded every single day, which is of particular concern to security experts. Considering how many enterprises rely on Remote Desktop Protocol connections, this technology can leave millions of computers vulnerable to attack.

To make matters worse, it appears criminals have started to use these remote connections as a way to provide others with access to vulnerable computer systems. To be more precise, the new wave of RDP attacks aims to sniff out point of sale terminals and ATMs, indicating RDPPatcher is a major threat to the banking sector. Attacking these terminals and ATMs can be done over the internet in an anonymous manner, making them high-value targets for hackers.

One of the most recent RDPPatcher attacks took place in January 2017, although it is believed the attack was initiated two months prior. Criminals obtained the correct credentials to infiltrate a bank network by using a brute force attack. Once they gained entry to the internal system, they initiated a malware distribution, which was eventually blocked by Adaptive Defense. Despite modifications made to the malware being injected, the bank’s security software successfully thwarted further attacks.

As one would expect from a malicious tool such as RDPPatcher, it is designed to gather as much information about the infected device as possible. The developers collect this information, which is transmitted to a command and control server. It also determines which antivirus solution is present on the computer, yet does not try to turn it off by any means. Unfortunately, this is only a glimpse of what this malicious tool is capable of.  

What is of real concern about the RDPPatcher process is how the information gathered is used as an advertisement tool. Criminals will advertise that they have access to this specific device on various darknet forums, in the hope that someone will pay them to abuse the infected system. Since no credential or data theft takes place while RDPPatcher gathers its information, this unauthorized access will not be detected anytime soon.

When criminals provide remote access to vulnerable systems as a service, things are evolving in the wrong direction. Unfortunately, it is virtually impossible for security companies to do anything about RDPPatcher in its current state, as very little is known about the tool itself. Anyone who successfully infiltrates a system can make a lot of money from “reselling” the login credentials to a more sophisticated hacker group. A very troublesome development, that much is certain.


JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.
