Thursday, February 25, 03:07
Home security Windows RDP servers are used to support DDoS

Windows RDP servers are used to support DDoS

Cybercrime gangs are abusing Windows Remote Desktop Protocol (RDP) systems to boost unwanted traffic as part of DDoS attacks, security company Netscout said.

Not all RDP servers can be abused, but only on systems where RDP authentication is enabled on port UDP 3389 above the standard TCP port 3389.

DDoS RDP servers

Netscout said intruders could send distorted UDP packets to the UDP ports of RDP servers that would be reflected in the target of the DDoS attack, resulting in unwanted traffic to hit the target system.

This is what security researchers call a DDoS boost factor that allows intruders to access restricted access. resources launch large-scale DDoS attacks by boosting unwanted traffic with the help of systems set out in Internet.

But the bad news does not end with the booster. Netscout said that hackers have already learned about this new player.

Netscout is now asking system administrators running RDP servers exposed on the Internet to set the offline systems, change them to the corresponding TCP port or place the RDP servers behind VPN in order to limit who can interact with vulnerable systems.

Currently, Netscout says it detects more than 33.000 RDP servers exposed online running on UDP port 3389.

As of December 2018, five new sources of DDoS support have been revealed. These include Constrained Application Protocol (CoAP), Dynamic Discovery (WS-DD) Web Services, Apple Remote Management (ARMS), servers Jenkins and the gates Citrix.

In accordance with FBI, the first four have been used in real attacks.

Source of information:


Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehc
Be the limited edition.


Huawei: Wearables are becoming available for other applications

While the dispute between Huawei and the USA continues unabated, the company seems to be doing quite well in the field of ...

How to create a Progress Bar in Microsoft PowerPoint

A progress bar is a graphic that, in PowerPoint, visually represents the percentage of presentation slides that have been completed. See ...

EU: AI makes autonomous vehicles "extremely vulnerable" to cyber attacks

The goal of autonomous vehicles is to be able to avoid human error and save lives, but a new report of ...

Security officials to Senate to invade Capitol: "It was a coordinated attack"

Security officials testified Tuesday that they believe the January 6 riot at the Capitol was a "coordinated attack" as they were pressured by senators ...

Universal Android Debloater: Get rid of unwanted applications Οι προεγκατεστημένες εφαρμογές, γνωστές και ως "bloatware", είναι συνηθισμένη πρακτική των κατασκευαστών συσκευών για να ωθούν...

One UI 3.1: Samsung DeX gets wireless support!

A few weeks ago, it was discovered that the Galaxy S1 series was equipped with wireless support for DeX on PC. As it turns out, you can ...

Google Password Checkup feature is coming to Android

Android users can now take advantage of the Password Checkup feature that Google first introduced in the browser ...

The World Wide Web may be coming to an end. Where does this come from?

In recent years, the World Wide Web has begun to look less "global". Developments in the field of technology and the Internet, ...

United Kingdom: Organizations related to critical infrastructure have been breached

A new study by Bridewell Consulting showed that the vast majority (86%) of organizations managing critical national infrastructure in the UK ...

Honda wants to put a drone in the tail of an electric motorcycle

Well, this is definitely one of the strangest news that has been released lately: Honda wants to put a mini ...