HomeNewsWindows RDP ports exposed by Malware

Windows RDP ports exposed by Malware

If you purchase via links on our reader-supported site, we may receive affiliate commissions.

Recently, a new version of the Sarwent malware was released. This new software has the capability to open the RDP ports on Windows PCs making them an easy target for hackers. 

This is a serious threat to Windows PC users and it is advised that they be careful though some users have already been affected. Getting rid of the malware is one thing but that doesn’t fix the problem with the RDP port, they can be retargeted again and again. 

What can the new Sarwent Malware do?

The Sarwent malware is known as a backdoor malware that functions as a malware loader in the past. Though less attention has been previously given to it, newer updates now show how dangerous the malware can be. The updates were mainly focused on RDP ports.

With the newer updates, the Sarwent malware can execute commands on Windows computers via PowerShell and the Windows Command Prompt (CMD). Also, the malware can create a new Windows user account and with this make changes that affect the computer’s firewall. All of these are to ensure smooth access to RDP. 

As mentioned before, removing the malware still leaves the RDP ports vulnerable and the hackers can still launch an attack. Computer owners are advised to erase all user accounts created by the Sarwent malware and revert the RDP changes made in the firewall to fix the problem.

Read Also: 7 Of The Best Windows 7 Antivirus After Support Ends

Why Hackers are interested in RDP ports

With malware such as Sarwent, it is clear that hackers are picking more interest in attacking Windows computers via their Remote Desktop Protocol Ports. They scan computers and servers looking for RDP vulnerabilities and then try to force their way through the ports. Well, the situation is linked to the COVID-19 pandemic which the world is currently dealing with. As more and more companies get their workers to work from home, the use of RDP has been on the high side. 



Subscribe to SecureBlitz Newsletter

* indicates required
John Raymond
John Raymond
John Raymond is a cybersecurity content writer, with over 5 years of experience in the technology industry. He is passionate about staying up-to-date with the latest trends and developments in the field of cybersecurity, and is an avid researcher and writer. He has written numerous articles on topics of cybersecurity, privacy, and digital security, and is committed to providing valuable and helpful information to the public.


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.