Hackers can purchase government login credentials for cheap on the dark web

McAfee’s Advanced Threat Research team recently discovered that hackers have access to many organizations that have weak credentials when using Microsoft’s Remote Desktop component in Windows-based systems. Access to these organizations — whether it’s an airport, a hospital or the U.S. government — can be bought for little money through specific shops on the dark web.

Microsoft’s Remote Desktop Protocol (RDP) essentially allows you to connect to and use a Windows-based PC from a remote location. When those login credentials are weak, hackers can use brute force attacks to obtain the username and password for each connection. McAfee found RDP shops on the dark web offering anywhere from a mere 15 to a staggering 40,000 connections for sale.

“The advertised systems ranged from Windows XP through Windows 10,” says John Fokker, McAfee’s Head of Cyber Investigations. “Windows 2008 and 2012 Server were the most abundant systems, with around 11,000 and 6,500, respectively, for sale. Prices ranged from around $3 for a simple configuration to $19 for a high-bandwidth system that offered access with administrator rights.”

Among the list of devices, services and networks on the menu are multiple government systems on sale worldwide, including those linked to the United States. The team found connections to a variety of healthcare institutions including medical equipment shops, hospitals, and more. They even found access to security and building automation systems at a major international airport selling for a mere $10.

The problem doesn’t just revolve around desktops, laptops, and servers. Internet of Things devices based on Windows Embedded, such as point-of-sale systems, kiosks, parking meters and thin client PCs, are also on the menu. Many are overlooked and not updated, making them a quiet entryway for hackers.

Black market sellers gain RDP credentials by scanning the internet for systems that accept RDP connections, and then using tools like Hydra, NLBrute and RDP Forcer to attack the login with stolen credentials and password dictionaries. Once they successfully log into the remote PC, they don’t do anything but put the connection details up for sale.

After hackers pay for a connection, they can bring a corporation down to its knees. For instance, a hacker could pay a mere $10 for a connection, infiltrate the network to encrypt the files of every PC, and demand a $40,000 ransom. Compromised PCs can also be used to deliver spam, misdirect illegal activity and mine cryptocurrency. Access is also good for stealing personal information and company trade secrets.

“We found a newly posted Windows Server 2008 R2 Standard machine on the UAS Shop,” Fokker writes. “According to the shop details, it belonged to a city in the United States and for a mere $10 we could get administrator rights to this system. UAS Shop hides the last two octets of the IP addresses of the systems it offers for sale and charges a small fee for the complete address.”

The solution, according to McAfee, is that organizations need to do a better job at checking all their virtual “doors and windows” so hackers can’t sneak in. Remote access should be secure and not easily exploitable.
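
One way to check a Windows host for the brute-force pattern described above is to look for a burst of failed RDP logons from one address followed by a success. The sketch below is an added example, not McAfee's tooling; the record layout, threshold, window and sample events are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records (not real data), simplified from Security log fields:
# (timestamp, event_id, logon_type, source_ip, username)
# Event 4625 = failed logon, 4624 = successful logon.
SAMPLE_EVENTS = [
    ("2018-07-11T02:14:01", 4625, 3, "203.0.113.7", "administrator"),
    ("2018-07-11T02:14:05", 4625, 3, "203.0.113.7", "admin"),
    ("2018-07-11T02:14:09", 4625, 3, "203.0.113.7", "administrator"),
    ("2018-07-11T02:14:13", 4625, 3, "203.0.113.7", "user"),
    ("2018-07-11T02:14:18", 4625, 3, "203.0.113.7", "administrator"),
    ("2018-07-11T02:14:22", 4625, 3, "203.0.113.7", "administrator"),
    ("2018-07-11T02:14:30", 4624, 10, "203.0.113.7", "administrator"),
    ("2018-07-11T08:59:40", 4625, 10, "198.51.100.20", "jsmith"),
    ("2018-07-11T09:00:05", 4624, 10, "198.51.100.20", "jsmith"),
]

# Logon type 10 = RemoteInteractive (RDP). Type 3 = Network, which is how RDP
# failures are logged when Network Level Authentication is on (other network
# logons share this type, so expect some noise).
RDP_LOGON_TYPES = {3, 10}

def find_rdp_bruteforce(events, threshold=5, window=timedelta(minutes=10)):
    """Flag source IPs with >= threshold failed logons inside the window."""
    failures, successes = defaultdict(list), defaultdict(list)
    for ts, event_id, logon_type, ip, user in sorted(events):
        if logon_type not in RDP_LOGON_TYPES:
            continue
        bucket = failures if event_id == 4625 else successes if event_id == 4624 else None
        if bucket is not None:
            bucket[ip].append((datetime.fromisoformat(ts), user))
    findings = []
    for ip, fails in failures.items():
        burst_end, start = None, 0
        for end, (t, _) in enumerate(fails):      # sliding window over failures
            while t - fails[start][0] > window:
                start += 1
            if end - start + 1 >= threshold:
                burst_end = t
                break
        if burst_end is None:
            continue                               # e.g. a user mistyping once
        findings.append({
            "source_ip": ip,
            "failed_attempts": len(fails),
            "usernames_tried": sorted({u for _, u in fails}),
            # A success after the burst suggests a guessed password.
            "compromised": sorted({u for t, u in successes[ip] if t >= burst_end}),
        })
    return findings
```

A finding with a non-empty `compromised` list is the case the article describes: the login was guessed and the connection details may already be for sale.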
