Home Security Access to Windows through RDP for sale at low prices

Access to Windows through RDP for sale at low prices

Credentials for accessing computers at a major international airport through Microsoft's proprietary Remote Desktop Protocol have been found for sale for as little as US$10 by American security firm McAfee.

In a blog post, McAfee's John Fokker wrote that the company's Advance Threat Research team found the credentials linked to the security and building automation systems of the airport on hacker marketplaces on the dark web.

RDP allows one Windows user to access another Windows computer through a graphical interface and is used for remote administration by sysadmins. But, as Fokker pointed out, "The recent SamSam ransomware attacks on several American institutions demonstrate how RDP access serves as an entry point."

He said the team had looked at several RDP shops - from small ones which were selling 15 connections to much bigger outlets that selling more than 40,000 RDP connections.

"During the course of our research we noticed that the size of the bigger shops varies from day to day with about 10%," Fokker said.


"The goal of our research was not to create a definitive list of RDP shops; rather, we sought a better understanding of the general modus operandi, products offered, and potential victims."

RDP access for systems ranging from Windows XP to Windows 10 were advertised on these shops. Windows 2008 and Windows 2012 Server were the most abundant, with about 11,000 and 6500 systems respectively.

The prices ranged from US$3 for a simple configuration to US$19 for a high-bandwidth system that offered access with administrator rights.

Apart from RDP access, other services were advertised as well, depending on the shop.


"In addition to selling RDP, some of these shops offer a lively trade in social security numbers, credit card data, and logins to online shops," Fokker wrote.

"The second-largest RDP shop we researched, BlackPass, offered the widest variety of products. The most prolific of these brokers provide one-stop access to all the tools used to commit fraud: RDP access into computers, social security numbers and other integral data to set up loans or open bank accounts."

Screenshots: courtesy McAfee


Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips



Ransomware attacks on businesses and institutions are now the most common type of malware breach, accounting for 39% of all IT security incidents, and they are still growing.

Criminal ransomware revenues are projected to reach $11.5B by 2019.

With a few simple policies and procedures, plus some cutting-edge endpoint countermeasures, you can effectively protect your business from the ransomware menace.


Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.


Popular News