Hackers Sold Remote Access to Major Airport for Only $10

What can $10 purchase you in a hacker marketplace? How virtually remote access to a major international drome.

A Russian-linguistic communication site has been selling access to thousands of hacked computers, one of which connected to a Usa airport'south security and building automation systems, according to new research.

The sale was noticed past cybersecurity house McAfee, which has been investigating secret marketplaces that specialize in selling remote access to compromised servers.

For years, Microsoft has been offering arrangement administrators a way to control other visitor computers through the Remote Desktop Protocol or RDP. Unfortunately, RDP-enabled systems have likewise become a target for cybercriminals, who can use them for a variety of hacking schemes.

The Russian-language marketplace, Ultimate Anonymity Services, has been offering access to effectually 40,000 RDP systems, McAfee said in a Wednesday blog post. Many are Windows-based servers, and some are based in the US.

McAfee RDP Access

"Prices ranged from around United states $3 for a simple configuration to $19 for a loftier-bandwidth system that offered admission with administrator rights," McAfee said.

How have so many servers been compromised? It'south actually non as hard equally you might think. "Attackers simply scan the internet for systems that accept RDP connections and launch a animal-force attack with popular (password-dandy) tools," McAfee said in its report.

The attackers can and so sell their haul on a market, which can further fuel cybercrime. For instance, a compromised server can be used as a launching pad to generate spam electronic mail, send out malware, or to mine cryptocurrency.

In more than stray schemes, hackers can steal all the data from a compromised server or infect it with ransomware, leaving the organisation'southward owner to wrestle with the consequences.

In the case of the vulnerable drome system, McAfee said information technology was simply being sold as access to a Windows-based server. Withal, the security firm began excavation further and noticed that information technology used IP addresses from a major airport. The same server was also exposed on the open internet and independent user accounts relating to 2 companies that specialize in airdrome security.

Although the incident is certainly worrisome, underground marketplaces that sell RDP access to hacked servers have been around for years. McAfee recommends that system administrators employ complex passwords and 2-gene hallmark on computers that offer remote access. RDP connections should also be firewalled and regular checks should be made to lookout for unusual login attempts.