07 June 19, 19:02
Quote:A botnet is currently scanning the internet in search of poorly protected Windows machines with Remote Desktop Protocol (RDP) connection enabled.
Called GoldBrute, of the malware compiled a list of over 1.5 million unique systems and systematically tests access on them with brute-force or credential stuffing attacks.
A search on Shodan search engine shows that there are about 2.4 million machines that are reachable over the web and have remote desktop protocol enabled.
Renato Marinho of Morphus Labs analyzed the brute-force component in GoldBrute, which keeps scanning the web and increases the list of potential targets.
https://morphuslabs.com/goldbrute-botnet...27b259a2ba
SOURCE: https://www.bleepingcomputer.com/news/se...p-servers/