New Worm Morto Using RDP To Infect Windows PCs 200
Trailrunner7 writes "A new worm called Morto has begun making the rounds on the Internet, infecting machines via Remote Desktop Protocol. The worm is generating a large amount of outbound RDP traffic on networks that have infected machines, and Morto is capable of compromising both servers and workstations running Windows. Users who have seen Morto infections are reporting in Windows help forums that the worm is infecting machines that are completely patched and are running clean installations of Windows Server 2003."
Re:Finally (Score:5, Interesting)
If you get hacked, you deserve it.
Compromising Remote Desktop connections on a network: Port 3389 (RDP)
Worm:Win32/Morto.A cycles through IP addresses on the affected computer's subnet and attempts to connect to located systems as administrator using passwords from the following list:
*1234
0
111
123
369
1111
12345
111111
123123
123321
123456
168168
520520
654321
666666
888888
1234567
12345678
123456789
1234567890
!@#$%^
%u%
%u%12
1234qwer
1q2w3e
1qaz2wsx
aaa
abc123
abcd1234
admin
admin123
letmein
pass
password
server
test
user