New Worm Preys On Weak & Helpless Passwords For Windows Remote Desktop [News]

Matt Smith 30-08-2011

New Worm Preys On Weak & Helpless Passwords For Windows Remote Desktop [News] morto2Say hello to Morto, a Windows worm that has been spreading like wildfire over the last weekend. This new nasty has struck by spreading over the Windows Remote Desktop How to Establish Remote Desktop Access to Ubuntu From Windows Need to remote access your Ubuntu PC from another location? Here's how to remote desktop with Ubuntu from Windows. Read More Protocol. Rather than using fancy network trickery, Morto attempts to infect its target by entering passwords commonly used to secure RDP.


Like many previous worms, this new threat is not technically sophisticated but remains effective due to its persistence. While only a small number of systems may be accessible with the passwords that Morto tries, the worm uses every infected machine to scan for additional targets and spreads itself relentlessly. One infection on a network can quickly turn into a full-blown PC plague. Infected machines also have their security software discreetly terminated, making the worm more difficult to find and remove.

New Worm Preys On Weak & Helpless Passwords For Windows Remote Desktop [News] morto1

Security researchers caught the worm when they noticed spikes in network traffic, specifically traffic related to TCP port 3389, which is the port Windows Remote Desktop monitors for access requests. While the worm has caused a general increase in Internet traffic, the impact has so far been minimal. The worm does not seem to contain a damaging payload, so researchers do not yet know the method behind the madness.

Protection against Morto is simple. Disabling Windows Remote Desktop will cut off its means of infection. Alternatively, a strong password The 5 Best Online Password Generators for Strong Random Passwords Looking for a way to quickly create an unbreakable password? Try one of these online password generators. Read More containing random letters and numbers can thwart the worm.

Source: Computer World


Explore more about: Anti-Malware, Remote Desktop.

Whatsapp Pinterest

Enjoyed this article? Stay informed by joining our newsletter!

Enter your Email

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. eBridge advertising
    August 30, 2011 at 6:16 pm

    A new worm called Morto has begun making the rounds on the Internet, infecting machines via Remote Desktop Protocol. ...thanks for the post!

  2. ekaspar
    August 30, 2011 at 6:08 pm

    This is really discouraging when you find an article where the TITLE is misspelled. Try "PREYS on weak and helpless passwords".
    Come on guys.

  3. No
    August 30, 2011 at 5:43 pm

    So how do you disable the remote desktop ?

    • Matt Smith
      August 31, 2011 at 5:56 pm

      Go to System Properties in the Windows Control Panel, go to the Remote tab, then un-check the Allow Remote Assistance box.