Forgot your password?
typodupeerror
Security Windows Worms IT

New Worm Morto Using RDP To Infect Windows PCs 200

Posted by timothy
from the my-heart-goes-out-to-you dept.
Trailrunner7 writes "A new worm called Morto has begun making the rounds on the Internet, infecting machines via Remote Desktop Protocol. The worm is generating a large amount of outbound RDP traffic on networks that have infected machines, and Morto is capable of compromising both servers and workstations running Windows. Users who have seen Morto infections are reporting in Windows help forums that the worm is infecting machines that are completely patched and are running clean installations of Windows Server 2003."
This discussion has been archived. No new comments can be posted.

New Worm Morto Using RDP To Infect Windows PCs

Comments Filter:
  • Re:Finally (Score:5, Interesting)

    by jhoegl (638955) on Sunday August 28, 2011 @01:04PM (#37235052)
    Finally finally... LOL

    If you get hacked, you deserve it.

    Compromising Remote Desktop connections on a network: Port 3389 (RDP)
    Worm:Win32/Morto.A cycles through IP addresses on the affected computer's subnet and attempts to connect to located systems as administrator using passwords from the following list:

    *1234
    0
    111
    123
    369
    1111
    12345
    111111
    123123
    123321
    123456
    168168
    520520
    654321
    666666
    888888
    1234567
    12345678
    123456789
    1234567890
    !@#$%^
    %u%
    %u%12
    1234qwer
    1q2w3e
    1qaz2wsx
    aaa
    abc123
    abcd1234
    admin
    admin123
    letmein
    pass
    password
    server
    test
    user

"Our reruns are better than theirs." -- Nick at Nite

Working...