Cybercriminals carry out their attacks for a wide variety of purposes. They can infect computers to cause malfunctions, steal information and then sell it to third parties, profit from ransomware and similar tactics, etc. In this article we echo a news item that reports on how hackers sell access to the victims’ network through remote management applications.
Sell network access in remote management applications
According to a group of security researchers, remote management and monitoring (RMM) software is starting to attract the attention of hackers. These types of tools can offer the ability to access multiple computers on the network.
They have detected cybercriminals who are advertising access to organization networks in different parts of the world. This affects companies using Windows, Linux and Mac systems. Many of these companies that have been attacked are an attractive target for ransomware operators, who can use this opportunity.
It should be noted that among these organizations there are also Spanish. This vendor that the researchers that we echo are aware of has been announcing access since July. In September it already had 36 accesses and accumulated earnings close to 100,000 euros.
They also report that hackers do not exclusively sell access to such remote management applications, but also offer credentials for remote desktop servers .
KELA, a cyber intelligence company, identified multiple victims. They also indicate that the activity sector of the companies is very varied. Here we must mention education, construction, manufacturing, health, public administrations …
The main method of attack is unknown
Regarding the main method of hacking , it remains unknown at the moment. Yet researchers believe it could be anything from attacking a managed service provider, direct brute force attacks, or exploiting the remote code execution vulnerability CVE-2020-10189 revealed in March.
We already know that there are many strategies and methods that hackers can use to attack. That is why we must always preserve our safety and avoid being victims.
Cybercriminals typically target vulnerabilities that may exist. Security flaws that are present in servers, devices, operating systems … In this way they manage to infect computers and carry out their attacks.
This makes it essential to always have the latest versions . Security patches can be used to correct these vulnerabilities that can be exploited. So we can protect our equipment. It is something that we must apply regardless of the type of operating system we are using or the type of device.
