Sell network access in remote management applications
According to a group of security researchers, the remote monitoring and management software (RMM) is starting to get the attention of hackers. These types of tools can offer the ability to access multiple computers on the network.
They have detected cybercriminals who are advertising the access to organization networks in different parts of the world. This affects companies using Windows, Linux and Mac systems. Many of these companies that have been attacked are an attractive target for ransomware operators, who can use this opportunity.
It should be noted that among these organizations there are also Spanish. This vendor that the researchers that we echo are aware of has been announcing access since July. In September it already had 36 accesses and accumulated earnings close to 100,000 euros.
They also report that hackers do not exclusively sell access to such remote management applications, but also offer credentials for servers remote desktop.
KELA, a cyber intelligence company, identified multiple victims. They also indicate that the activity sector of the companies is very varied. Here we must mention education, construction, manufacturing, health, public administrations …
The main method of attack is unknown
With respect to main hacking method, this remains unknown at the moment. However, researchers believe it could be anything from attacking a managed service provider, direct brute force attacks, or exploiting the remote code execution vulnerability CVE-2020-10189 revealed in March.
We already know that there are many strategies and methods that hackers can use to attack. That is why we must always preserve our safety and avoid being victims.
Cybercriminals typically target vulnerabilities that may exist. Security flaws that are present in servers, devices, operating systems … In this way they manage to infect computers and carry out their attacks.
This makes it essential to always have the latest versions. Security patches can be used to correct these vulnerabilities that can be exploited. So we can protect our equipment. It is something that we must apply regardless of the type of operating system we are using or the type of device.
We leave you a tutorial where we show the best vulnerability scanners. A selection to be able to find those security flaws that we mentioned and to be able to correct them before the attackers can exploit them.