Remote desktop protocol (RDP) access to businesses is now popularly sold and bought on the Dark Web, according the McAfee Advanced Threat research team. In a Wednesday report, they found that organizations’ RDPs— Microsoft-developed protocols that allow users to access another computer system remotely—are being sold on the Dark Web for as little as $10.
The Dark Web is home to RDP shops that allow hackers to buy the logins for computer systems that could potentially take down major businesses, according to a McAfee press release. RDP is meant to be an efficient medium for accessing a network, which it is, but not always for the right people. When hacking into an RDP, cybercriminals don’t have to worry about an organization’s cybersecurity defense systems—once they gain access to the system, they’re in, said McAfee.
Cybercriminals are mainly using RDP access to create false flags, spam, account abuse, credential harvesting, extortion, ransomware, and cryptomining, according to McAfee’s research. Anyone with RDP network access can be vulnerable to attack, even government and healthcare institutions, said the release. And with systems posted on the Dark Web at such low prices, they are sure to be bought.
