From bleepingcomputer.com
A botnet is currently scanning the internet in search of poorly protected Windows machines with Remote Desktop Protocol (RDP) connection enabled.
Called GoldBrute, of the malware compiled a list of over 1.5 million unique systems and systematically tests access on them with brute-force or credential stuffing attacks.
A search on Shodan search engine shows that there are about 2.4 million machines that are reachable over the web and have remote desktop protocol enabled.