Remote Desktop Services Hacked

Researchers discovered that cybercriminals are now hacking into remote desktop services with two new matrix ransomware variants. This new variants cam encrypt computer files, debug messages and use a cipher to wipe free space.

This cybersecurity problem can be easily avoided by implementing a cybersecurity solution inside every device, so don’t let your guard down depending of which OS your device is running it is mandatory to install an antivirus for Windows or antivirus for Mac.

If you are a company the install of antivirus is only the first layer of security, you must contract a cybersecurity company that will carry some advance cybersecurity tests to your company networks, like penetration tests, and ethical hacking tests.
Hackers target remote desktop services because they represent a useful tool often used by the helpdesk to access a PC troubleshooting problems remotely.

This service is used for internal sessions, or across VPN tunnels for remote employees only but hackers often manage to take advantage of it.
In case of a breach, companies should immediately inspect all network traffic to ensure that no RDP sessions: TCP port 3389 are open to the internet.

Most IT teams say they have configured their firewalls to block RDP, but only by using a network traffic analysis a company can ensure that its firewall rules are behaving as expected.
Always look for any traffic that is circumventing policy is paramount to reduce the risk from Matrix Ransomware attacks.

Remember: ransomware spreads like wildfire and is the most time critical of cyber threats. The ability to detect the pre-cursor behaviors of ransomware is the only way to get ahead of the attack. Unfortunately, that’s almost impossible to do if you are unprotected. To be safe and secured against ransomware like this, depending on which version of OS your device runs, please install an antivirus for Windows or antivirus for Mac.