Security News > 2021 > April > Logins for 1.3 million Windows RDP servers collected from hacker market
The login names and passwords for 1.3 million current and historically compromised Windows Remote Desktop servers have been leaked by UAS, the largest hacker marketplace for stolen RDP credentials.
Due to its prevalent use in corporate networks, cybercriminals have built a thriving economy around selling the stolen credentials for RDP servers.
The use of Windows Remote Desktop Services to breach networks is so pervasive that the FBI has stated that RDP is responsible for 70-80% of all network breaches leading to ransomware attacks.
While we will not be listing any of the companies found in the database, we can say that the listed RDP servers are from all over the world, including government agencies from sixty-three countries, with Brazil, India, and the United States being the top three.
BleepingComputer has found many RDP servers in the database that belong to organizations known to have suffered ransomware attacks over the past two years.
The top five login names found in the sold RDP servers are 'Administrator', 'Admin', 'User', 'test', and 'scanner'.
News URL
Related news
- Windows driver zero-day exploited by Lazarus hackers to install rootkit (source)
- 0-day in Windows driver exploited by North Korean hackers to deliver rootkit (CVE-2024-38193) (source)
- Hackers use PHP exploit to backdoor Windows systems with new malware (source)
- Microsoft: August updates cause Windows Server boot issues, freezes (source)
- Employee arrested for locking Windows admins out of 254 servers in extortion plot (source)
- Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs (source)
- Microsoft fixes Windows Server performance issues from August updates (source)
- Windows Server 2025 previews security updates without restarts (source)
- Microsoft ends development of Windows Server Update Services (WSUS) (source)
- Windows Server 2025 gets hotpatching option, without reboots (source)