Hackers Abuse RDP Service to Exfiltrate Data and Drop Different Malicious Payloads

From gbhackers.com

Hackers are abusing the legitimate RDP service to carry out fileless attacks, dropping multi-purpose off-the-shelf tools for device fingerprinting and deploying malicious payloads ranging from ransomware to cryptocurrency miners.

Remote Desktop is a built-in feature of most Windows installations, and its built-in file-sharing functionality is used by the attackers as an infection vector.
