Threat Actors Target Exposed Remote Desktop Protocol To Deploy Ransomware
Threat actors were discovered targeting open Remote Desktop Protocol (RDP) ports with variants from a range of ransomware families including Redeemer, NYX, Vohu, Amelia, BlackHunt, and MedusaLocker.
Online scanners were used to discover devices while stolen credentials or vulnerabilities were used as the initial access vector.
In some instances, adversaries were discovered exploiting the Microsoft Windows RDP BlueKeep vulnerability (CVE-2019-0708) to gain entry.
Featured Resources
Subscribe to Our Blog
Subscribe now to get the latest insights, expert tips and updates on threat exposure validation.
Subscribe