You are here
Home > News > Windows RDP ports exposed by Malware

Windows RDP ports exposed by Malware

RDP ports sarwent malware Windows

Recently, a new version of the Sarwent malware was released. This new software has the capability to open the RDP ports on Windows PCs making them an easy target for hackers. 

This is a serious threat to Windows PC users and it is advised that they be careful though some users have already been affected. Getting rid of the malware is one thing but that doesn’t fix the problem with the RDP port, they can be retargeted again and again. 

What can the new Sarwent Malware do?

The Sarwent malware is known as a backdoor malware that functions as a malware loader in the past. Though less attention has been previously given to it, newer updates now show how dangerous the malware can be. The updates were mainly focused on RDP ports.

With the newer updates, the Sarwent malware can execute commands on Windows computers via PowerShell and the Windows Command Prompt (CMD). Also, the malware can create a new Windows user account and with this make changes that affect the computer’s firewall. All of these are to ensure smooth access to RDP. 

As mentioned before, removing the malware still leaves the RDP ports vulnerable and the hackers can still launch an attack. Computer owners are advised to erase all user accounts created by the Sarwent malware and revert the RDP changes made in the firewall to fix the problem.

Read Also: 7 Of The Best Windows 7 Antivirus After Support Ends

Why Hackers are interested in RDP ports

With malware such as Sarwent, it is clear that hackers are picking more interest in attacking Windows computers via their Remote Desktop Protocol Ports. They scan computers and servers looking for RDP vulnerabilities and then try to force their way through the ports. Well, the situation is linked to the COVID-19 pandemic which the world is currently dealing with. As more and more companies get their workers to work from home, the use of RDP has been on the high side. 


John Raymond

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.