rdp worms again

4 views
Skip to first unread message

ad...@reviews.wox.org

unread,
Mar 25, 2020, 9:45:42 PM3/25/20
to 2600-au...@googlegroups.com
Just a heads up - worms on the lose again.

True to their word Microsoft has cut support to windows 7...
apparently by releasing one last update that adds a
vulnerability into RDP LOL.

Much to my surprise, my supposedly up to date with updates
Windows 7 Sony i7 laptop with a broken screen I just use to
run dedicated game servers on sometimes just got infected
with some variant of an encrypt everything and demand
bitcoin ransomware app.    The only public port was RDP. 
Lucky this thing hasn't got access to anything else on my
network, or I might be raging a lot more than I am.

Annoying, but I intend to burn the entire contents of the
harddisk by applying the Sony Qosmio factory image off DVD
again shortly.

Just means a map reset on the game I was playing, and
frankly it was due one anyway.

If anyone wants any code samples to play with let me know,
but I expect there are about to be plenty of other examples
to work with so you probably dont need one :P

Cheers

--
New and improved 2600... well..
..we drew on some flames and
polished it a bit..
--
Google - making sure, life is no more, than 1984...
--

Patrick Webster

unread,
Mar 26, 2020, 7:32:59 PM3/26/20
to 2600 Australia List
Unlucky :)

Is that from BlueKeep or another bug? I'm guessing it must be BlueKeep.

ad...@reviews.wox.org

unread,
Mar 27, 2020, 8:11:33 PM3/27/20
to 2600-au...@googlegroups.com
Not sure, when i've encountered these worms in the past they
try to get all over the shares on your network, so i just
figuratively kill it with fire the moment I find one.

Must be pretty recent exploit tho to take out a patched system.

On 27/03/2020 10:32 am, Patrick Webster wrote:
> Unlucky :)
>
> Is that from BlueKeep or another bug? I'm guessing it must be BlueKeep.
>

Reply all
Reply to author
Forward
0 new messages