RDP shop

An RDP shop is a website where access to hacked computers is sold to cybercriminals.

The computers may be acquired by scanning the web for open Remote Desktop Protocol connections and brute-forcing passwords. [1] High-value ransomware targets, such as airports, are sometimes available. [2] Access to a compromised machine retails from $3 to $19, depending on system and network metrics gathered automatically using a standardised back door. [3] [4]

Russian sites such as xDedic [3] do not sell access to machines within the former Soviet nations. [5]
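From the defender's side, the scanning and password brute-forcing described above shows up in the Windows Security log as bursts of failed logons from one source address, sometimes followed by a success. The following is an added example, not part of the original article: it flags such bursts in a simplified, constructed log format (the field layout, threshold and window are assumptions) using the standard Windows event IDs 4625 and 4624.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records (not real logs): time, event ID, logon type, source IP, account.
# 4625 = failed logon, 4624 = successful logon; logon type 10 = RemoteInteractive (RDP),
# type 3 = Network, which is how failed RDP logons appear when NLA is enabled.
SAMPLE_LOG = """\
2024-05-01T02:00:01 4625 3 203.0.113.50 administrator
2024-05-01T02:00:03 4625 3 203.0.113.50 admin
2024-05-01T02:00:05 4625 3 203.0.113.50 backup
2024-05-01T02:00:07 4625 3 203.0.113.50 administrator
2024-05-01T02:00:09 4625 3 203.0.113.50 administrator
2024-05-01T02:00:30 4624 10 203.0.113.50 administrator
2024-05-01T09:15:00 4625 10 198.51.100.7 alice
2024-05-01T09:15:20 4624 10 198.51.100.7 alice
"""

def parse(line):
    ts, event_id, logon_type, ip, account = line.split()
    return datetime.fromisoformat(ts), int(event_id), int(logon_type), ip, account

def detect_rdp_bruteforce(log_text, threshold=5, window=timedelta(minutes=5)):
    """Return {source_ip: finding} for IPs with >= threshold failures inside window.
    finding["compromised_account"] is set when a successful RDP logon from the
    same IP follows while the burst is still inside the window."""
    failures = defaultdict(deque)   # ip -> timestamps of recent failed logons
    findings = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, event_id, logon_type, ip, account = parse(line)
        recent = failures[ip]
        while recent and ts - recent[0] > window:
            recent.popleft()        # drop failures that fell out of the window
        if event_id == 4625 and logon_type in (3, 10):
            recent.append(ts)
            if len(recent) >= threshold:
                entry = findings.setdefault(ip, {"failures": 0, "compromised_account": None})
                entry["failures"] = max(entry["failures"], len(recent))
        elif event_id == 4624 and logon_type == 10 and len(recent) >= threshold:
            findings[ip]["compromised_account"] = account   # guessing likely succeeded
    return findings

if __name__ == "__main__":
    for ip, finding in detect_rdp_bruteforce(SAMPLE_LOG).items():
        print(ip, finding)
```

A single mistyped password followed by a normal logon, as in the last two sample records, stays below the threshold and is not reported.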

Commercial RDP Services

In addition to illegal RDP shops, legitimate services offer remote desktop access for various purposes such as business operations, remote work, and server management. Some of these services include:

Related Research Articles

Zombie (computing): Compromised computer used for malicious tasks on a network

In computing, a zombie is a computer connected to the Internet that has been compromised by a hacker via a computer virus, computer worm, or trojan horse program and can be used to perform malicious tasks under the remote direction of the hacker. Zombie computers often coordinate together in a botnet controlled by the hacker, and are used for activities such as spreading e-mail spam and launching distributed denial-of-service attacks against web servers. Most victims are unaware that their computers have become zombies. The concept is similar to the zombie of Haitian Voodoo folklore, which refers to a corpse resurrected by a sorcerer via magic and enslaved to the sorcerer's commands, having no free will of its own. A coordinated DDoS attack by multiple botnet machines also resembles a "zombie horde attack", as depicted in fictional zombie films.

Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft Corporation which provides a user with a graphical interface to connect to another computer over a network connection. The user employs RDP client software for this purpose, while the other computer must run RDP server software.

Remote administration refers to any method of controlling a computer or other Internet-connected device, such as a smartphone, from a remote location. There are many commercially available and free-to-use software packages that make remote administration easy to set up and use. Remote administration is often used when it's difficult or impractical to be physically near a system in order to use it or troubleshoot it. Many server administrators also use remote administration to control servers at remote locations around the world. It is also used by companies and corporations to improve overall productivity as well as promote remote work. It may also refer to both legal and illegal remote administration.

rdesktop

rdesktop is a client implementation of Microsoft's proprietary Remote Desktop Protocol (RDP). rdesktop is free and open-source software, subject to the requirements of the GNU General Public License (GPL-3.0-or-later), and is available for Linux and BSD as well as for Microsoft Windows.

Quick Assist: Microsoft Windows remote access feature

Quick Assist is a Microsoft Windows feature that allows a user to view or control a remote Windows computer over a network or the Internet to resolve issues without directly touching the unit. It is based on the Remote Desktop Protocol (RDP). It is complemented by Get Help, a feature introduced in Windows 10 that enables the user to contact Microsoft directly but does not allow for remote desktoping or screen sharing.

In computing, the term remote desktop refers to a software or operating system feature that allows a personal computer's desktop environment to be run remotely from one system, while being displayed on a separate client device. Remote desktop applications have varying features. Some allow attaching to an existing user's session and "remote controlling", either displaying the remote control session or blanking the screen. Taking over a desktop remotely is a form of remote administration.

This page is a comparison of notable remote desktop software available for various platforms.

Ericom Software, Inc. is a Closter, New Jersey-based company that provides web isolation and remote application access software to businesses.

Microsoft Remote Web Workplace

The Remote Web Workplace is a feature of Microsoft's Windows Small Business Server, Windows Home Server 2011, and the midsize business-focused product, Windows Essential Business Server, which enables existing users to log into a front-end network-facing interface of the small business/home server.

Remote Desktop Services (RDS), known as Terminal Services in Windows Server 2008 and earlier, is one of the components of Microsoft Windows that allow a user to initiate and control an interactive session on a remote computer or virtual machine over a network connection. RDS was first released in 1998 as Terminal Server in Windows NT 4.0 Terminal Server Edition, a stand-alone edition of Windows NT 4.0 Server that allowed users to log in remotely. Starting with Windows 2000, it was integrated under the name of Terminal Services as an optional component in the server editions of the Windows NT family of operating systems, receiving updates and improvements with each version of Windows. Terminal Services were then renamed to Remote Desktop Services with Windows Server 2008 R2 in 2009.

TeamViewer: Remote administration and web conferencing software

TeamViewer is a remote access and remote control computer software, allowing maintenance of computers and other devices. It was first released in 2005, and its functionality has expanded step by step. TeamViewer is proprietary software that requires registration and is free of charge for non-commercial use. It has been installed on more than two billion devices. TeamViewer is the core product of developing company TeamViewer SE.

Oracle Virtual Desktop Infrastructure (VDI) software is a discontinued desktop virtualization product that replaces personal computers with virtual machines (VMs) on a server. Desktops are accessed via Sun Ray Client, Oracle VDC Client (basically a software version of the Sun Ray, also using the same ALP protocol as the Sun Ray), Remote Desktop Protocol client, or optionally through the web via Oracle Secure Global Desktop software.

Chrome Remote Desktop: Remote desktop software tool

Chrome Remote Desktop is a remote desktop software tool, developed by Google, that allows a user to remotely control another computer's desktop through a proprietary protocol also developed by Google, internally called Chromoting. The protocol transmits the keyboard and mouse events from the client to the server, relaying the graphical screen updates back in the other direction over a computer network. This feature, therefore, consists of a server component for the host computer, and a client component on the computer accessing the remote server. Chrome Remote Desktop uses a unique protocol, as opposed to using the common Remote Desktop Protocol.

Teradici: Canadian software company

Teradici Corporation was a privately held software company founded in 2004, which was acquired by HP Inc. in October 2021. Teradici initially developed a protocol (PCoIP) for compressing and decompressing images and sound when remotely accessing blade servers, and implemented it in hardware. This technology was later expanded to thin clients/zero clients for general Virtual Desktop Infrastructure. Teradici's protocol or hardware is used by HP, Dell-Wyse, Amulet Hotkey, Samsung, Amazon Web Services, Fujitsu, and VMware.

The cyber-arms industry comprises the markets and associated events surrounding the sale of software exploits, zero-days, cyberweaponry, surveillance technologies, and related tools for perpetrating cyberattacks. The term may extend to both grey and black markets online and offline.

xDedic: Ukrainian crime forum, RDP shop and marketplace

xDedic was a Ukrainian-language crime forum, RDP shop and marketplace.

BlueKeep: Windows security hole

BlueKeep is a security vulnerability that was discovered in Microsoft's Remote Desktop Protocol (RDP) implementation, which allows for the possibility of remote code execution.

Remote Utilities: Remote desktop software

Remote Utilities is remote desktop software that allows a user to remotely control another computer through a proprietary protocol, see the remote computer's desktop, and operate its keyboard and mouse.

Initial access brokers (IABs) are cyber threat actors who specialize in gaining unauthorized access to computer networks and systems and then selling that access to other threat actors, such as ransomware operators. IABs are part of the ransomware-as-a-service economy, also called the "cybercrime as a service economy".

References

  1. Olenick, Doug (11 July 2018). "Dark Web shops selling RDP connections on the cheap". Retrieved 27 August 2018.
  2. International Airport Review (17 July 2018). "Hackers can buy access to a major airport's security systems for just $10". Retrieved 27 August 2018.
  3. Guerrilla, American (19 July 2016). "xDedic is Back in Business on the Dark Web". Archived from the original on 19 July 2016. Retrieved 22 December 2016.
  4. The Asian Age (16 July 2018). "Organisations vulnerable to cheap RDP attacks: Report". Retrieved 27 August 2018.
  5. SCUK (25 October 2017). "Russian underground shop selling RDP servers for £11 or less". Retrieved 27 August 2018.