Computer security software provider McAfee warns that hackers managed to obtain remote desktop protocol (RDP) access to the security and building automation systems of a major international airport and placed it on sale for a paltry sum of $10.
"Attackers simply scan the Internet for systems that accept RDP connections and launch a brute-force attack with popular tools such as Hydra, NLBrute or RDP Forcer to gain access. These tools combine password dictionaries with the vast number of credentials stolen in recent large data breaches," McAfee explains.
The report also points to the existence of whole underground marketplaces which, along with RDP access data, also sell a variety of tools which could be used by hackers to conduct a wide array of malicious activities, ranging from planting false flags on innocent users’ computers to extortion and illegal cryptocurrency mining.
"The most prolific of these brokers provide one-stop access to all the tools used to commit fraud: RDP access into computers, social security numbers and other integral data to set up loans or open bank accounts," the report says.