Attackers attempt large-scale BlueKeep exploit to spread cryptominer

After nearly six months of warnings that Microsoft Windows users must patch the critical Remote Desktop Protocol vulnerability known as BlueKeep, researchers have finally detected the first known attempt at a large-scale attack aimed at exploiting this remote code execution flaw.


Since last May, security experts have expressed concern that a BlueKeep exploit could lead to a major worm outbreak like the 2017 WannaCry and NotPetya incidents. Fortunately, this recently observed malicious activity has so far fallen short of their worst fears. In this case, the attackers are attempting to infect users with only a cryptominer, rather than ransomware or a destructive disk wiper program. And instead of attempting to spread the malware like a worm, the perpetrators have simply been scanning the internet for computers vulnerable to BlueKeep.


Researcher Kevin Beaumont, who is credited with naming BlueKeep, initially detected the activity via his honeypots that monitor TCP port 3389, which is used by the Windows Remote Desktop Protocol. As ..
