Home Security Access to Windows through RDP for sale at low prices

Credentials for accessing computers at a major international airport through Microsoft's proprietary Remote Desktop Protocol have been found for sale for as little as US$10 by American security firm McAfee.

In a blog post, McAfee's John Fokker wrote that the company's Advance Threat Research team found the credentials linked to the security and building automation systems of the airport on hacker marketplaces on the dark web.

RDP allows one Windows user to access another Windows computer through a graphical interface and is used for remote administration by sysadmins. But, as Fokker pointed out, "The recent SamSam ransomware attacks on several American institutions demonstrate how RDP access serves as an entry point."

He said the team had looked at several RDP shops - from small ones which were selling 15 connections to much bigger outlets that selling more than 40,000 RDP connections.

"During the course of our research we noticed that the size of the bigger shops varies from day to day with about 10%," Fokker said.


"The goal of our research was not to create a definitive list of RDP shops; rather, we sought a better understanding of the general modus operandi, products offered, and potential victims."

RDP access for systems ranging from Windows XP to Windows 10 were advertised on these shops. Windows 2008 and Windows 2012 Server were the most abundant, with about 11,000 and 6500 systems respectively.

The prices ranged from US$3 for a simple configuration to US$19 for a high-bandwidth system that offered access with administrator rights.

Apart from RDP access, other services were advertised as well, depending on the shop.


"In addition to selling RDP, some of these shops offer a lively trade in social security numbers, credit card data, and logins to online shops," Fokker wrote.

"The second-largest RDP shop we researched, BlackPass, offered the widest variety of products. The most prolific of these brokers provide one-stop access to all the tools used to commit fraud: RDP access into computers, social security numbers and other integral data to set up loans or open bank accounts."

Screenshots: courtesy McAfee


With 4 keynotes + 33 talks + 10 in-depth workshops from world-class speakers, YOW! is your chance to learn more about the latest software trends, practices and technologies and interact with many of the people who created them.

Speakers this year include Anita Sengupta (Rocket Scientist and Sr. VP Engineering at Hyperloop One), Brendan Gregg (Sr. Performance Architect Netflix), Jessica Kerr (Developer, Speaker, Writer and Lead Engineer at Atomist) and Kent Beck (Author Extreme Programming, Test Driven Development).

YOW! 2018 is a great place to network with the best and brightest software developers in Australia. You’ll be amazed by the great ideas (and perhaps great talent) you’ll take back to the office!

Register now for YOW! Conference

· Sydney 29-30 November
· Brisbane 3-4 December
· Melbourne 6-7 December

Register now for YOW! Workshops

· Sydney 27-28 November
· Melbourne 4-5 December



Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the sitecame into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.


Popular News




Sponsored News