Pinterest Stumbleupon Whatsapp
Ads by Google

Say hello to Morto, a Windows worm that has been spreading like wildfire over the last weekend. This new nasty has struck by spreading over the Windows Remote Desktop How To Establish A Remote Desktop Access to Ubuntu from Windows How To Establish A Remote Desktop Access to Ubuntu from Windows Read More Protocol. Rather than using fancy network trickery, Morto attempts to infect its target by entering passwords commonly used to secure RDP.

Like many previous worms, this new threat is not technically sophisticated but remains effective due to its persistence. While only a small number of systems may be accessible with the passwords that Morto tries, the worm uses every infected machine to scan for additional targets and spreads itself relentlessly. One infection on a network can quickly turn into a full-blown PC plague. Infected machines also have their security software discreetly terminated, making the worm more difficult to find and remove.

Security researchers caught the worm when they noticed spikes in network traffic, specifically traffic related to TCP port 3389, which is the port Windows Remote Desktop monitors for access requests. While the worm has caused a general increase in Internet traffic, the impact has so far been minimal. The worm does not seem to contain a damaging payload, so researchers do not yet know the method behind the madness.

Protection against Morto is simple. Disabling Windows Remote Desktop will cut off its means of infection. Alternatively, a strong password 5 Free Password Generators For Nearly Unhackable Passwords 5 Free Password Generators For Nearly Unhackable Passwords Read More containing random letters and numbers can thwart the worm.

Source: Computer World

Ads by Google

  1. eBridge advertising
    August 30, 2011 at 6:16 pm

    A new worm called Morto has begun making the rounds on the Internet, infecting machines via Remote Desktop Protocol. ...thanks for the post!

  2. ekaspar
    August 30, 2011 at 6:08 pm

    This is really discouraging when you find an article where the TITLE is misspelled. Try "PREYS on weak and helpless passwords".
    Come on guys.

  3. No
    August 30, 2011 at 5:43 pm

    So how do you disable the remote desktop ?
    woot.

    • Matt Smith
      August 31, 2011 at 5:56 pm

      Go to System Properties in the Windows Control Panel, go to the Remote tab, then un-check the Allow Remote Assistance box.

Leave a Reply

Your email address will not be published. Required fields are marked *