What can hackers do to a server once they’ve broken into it? A lot. Some install malware and make it part of a botnet. Others steal valuable data stored within. Still others, like those mentioned in this post, sell login credentials at shady marketplaces on the Dark Web.
Using information posted with the original patch (Concurrent RDP Patcher2-22-2011) I uninstalled Patch KB2984972 and then tried patching, but the patch said “unknown checksum”. I then found this post and I see that I do have KB3003743 installed (termsrv.dll is version 18637).
There are over 85,000 RDP servers available for sale or rent via xDedic, a marketplace for selling or renting hacked servers that was exposed in June 2016.
Thousands of servers for sale
Earlier this month, researchers at Kaspersky revealed yet another alarming discovery in the field of cybercrime. Login credentials to over 70,000 hacked servers were being sold at an online marketplace known as xDedic. Like many underground online marketplaces where tech-savvy crooks trade illicit goods, xDedic can only be reached through the Dark Web.
Apparently, hacked servers are very affordable. Prices for hacked servers were found to go as low as 6 USD. Most of the servers were located in Brazil, China, Russia, India, Spain, Italy, France, Australia, Republic of South Africa, and Malaysia.
Launched in 2014, xDedic gained its reputation as a leading source of compromised server login credentials when 3,000 servers were added to its inventory sometime in 2015. Business has boomed since then.
Tools of the trade
xDedic not only provides a platform for buying and selling hacked servers. It also offers both buyers and sellers tools they can use in finding servers that suit their specific objectives as well as carrying out remote administration via RDP.
One example is a tool used by sellers to scan a hacked system and obtain relevant information such as the Windows version, size of RAM, type of CPU, whether ports 25 and 80 are open, type of VM used, antivirus installed, upload/download speeds, and so on. The same profiling tool is used to search for an RDP service on the server and then to patch it if any is found.
The patch modifies the RDP settings to allow multiple user logins, which would enable a buyer to access the server without alarming the server’s legitimate administrator. The buyer could then access the hacked server through xDedic’s own RDP client.
What can buyers do with a hacked server?
A hacked server can open up a lot of opportunities to a buyer, especially one who operates in the cybercrime industry. Because most of these servers have not yet been blacklisted by blacklisting engines and web reputation sites, they’re perfect for a variety of cyber attacks, including ransomware, malvertising, DDoS, phishing, and many others.
Of course, if a server also happens to store or provide access to storage systems that contain sensitive data, a buyer who specializes in identity theft could have a field day.
The Kaspersky researchers observed a marked interest in servers containing accounting, tax reporting and point-of-sale (POS) applications. Apparently, buyers need these applications for carrying out fraudulent operations. By making use of existing software, attackers can avoid arousing attention.
What countermeasures can help?
Servers that end up at xDedic acquire certain characteristics that can help cybersecurity specialists determine whether a server has been hacked. For instance, the profiling tool mentioned earlier, which is installed on a hacked server after the server is compromised (usually through brute-force attacks), communicates with certain Command-and-Control locations.
In addition, it has been found that the hacked servers are also infected with other pieces of software, including a certain Trojan, bitcoin mining software, and a wrapper for a proxy tool, among perhaps others. For more details about xDedic and these malicious tools, refer to the Kaspersky report on the subject.
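Two of the traits described above, entry by brute force and a second RDP session running alongside the administrator's, can be looked for in logon records. The following is an added example, not code from Kaspersky or from the original post; the CSV layout, the sample rows and the function names are constructed for illustration, while the event IDs are the standard Windows Security log ones.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime, timedelta
# Constructed sample: simplified export of Windows Security events (4625 = failed
# logon, 4624 = logon, 4634 = logoff; logon type 10 = RDP, 3 = network/NLA failure).
SAMPLE_EVENTS = """\
time,event_id,logon_type,logon_id,user,src_ip
2016-06-20T02:00:00,4625,3,,administrator,203.0.113.7
2016-06-20T02:00:05,4625,3,,administrator,203.0.113.7
2016-06-20T02:00:09,4625,3,,admin,203.0.113.7
2016-06-20T02:01:00,4624,10,0x1a2b,administrator,203.0.113.7
2016-06-20T02:30:00,4634,10,0x1a2b,administrator,
2016-06-21T09:00:00,4624,10,0x2c3d,administrator,198.51.100.20
2016-06-21T09:10:00,4624,10,0x3e4f,administrator,203.0.113.7
2016-06-21T09:40:00,4634,10,0x3e4f,administrator,
2016-06-21T17:00:00,4634,10,0x2c3d,administrator,
"""

def load_events(text):
    rows = list(csv.DictReader(io.StringIO(text)))
    for r in rows:
        r["time"] = datetime.fromisoformat(r["time"])
    return sorted(rows, key=lambda r: r["time"])

def brute_force_then_success(events, threshold=3, window=timedelta(minutes=10)):
    """RDP logons preceded by >= threshold failures from the same IP within window."""
    failures, hits = defaultdict(list), []
    for e in events:
        if e["event_id"] == "4625":      # any logon type: NLA failures log as type 3
            failures[e["src_ip"]].append(e["time"])
        elif e["event_id"] == "4624" and e["logon_type"] == "10":
            recent = [t for t in failures[e["src_ip"]] if e["time"] - t <= window]
            if len(recent) >= threshold:
                hits.append((e["src_ip"], e["user"], e["time"].isoformat()))
    return hits

def concurrent_rdp_sessions(events):
    """RDP logons that start while a session from a different source IP is still open."""
    active, hits = {}, []                # logon_id -> source IP of open sessions
    for e in events:
        if e["event_id"] == "4624" and e["logon_type"] == "10":
            others = sorted({ip for ip in active.values() if ip != e["src_ip"]})
            if others:
                hits.append((e["time"].isoformat(), e["src_ip"], others))
            active[e["logon_id"]] = e["src_ip"]
        elif e["event_id"] == "4634":
            active.pop(e["logon_id"], None)
    return hits
```

On the sample, the first function flags the 02:01 logon that follows three failures from the same address, and the second flags the 09:10 session that opens while the 09:00 session from another address is still active.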
Of course, prevention is always preferable to treatment. Once you’ve determined that your servers are safe, you should carry out server hardening to prevent future compromises.
Need help in determining whether your servers have been compromised? Contact us now for a free Harbinger network risk assessment.