Those of you who enjoy using Remote Desktop to access your home or work computer’s remotely should make yourself aware of a recently discovered new worm (dubbed “Morto” by Microsoft and F-Secure) that specifically targets Windows Remote Desktop users with weak passwords.
Microsoft’s Malware Protection Center – Threat Research & Response rates this recent threat as “Severe” and provides a list of known User names and Passwords (about half way down the page) that Morto will try to gain access to your system should you come across it. Note that the list on that page is by no means exhaustive – if you have a relatively short and easy to guess password, you’re still very vulnerable.
The site also provides some general common sense advice in how to prevent yourself from being infected by this latest threat.
- Ensure that your Windows Firewall is enabled
- Keep up to date with the latest Critical Security Updates by using Microsoft Windows Update regularly
- Use a good Antivirus tool and keep it up to date
- Don’t open file attachments in email unless you are certain it has come from a trusted source
- Be very careful when clicking on links during searches on Google, Yahoo and other search engines – malicious links will often include a short blurb promising something very enticing or free – remember the old adage, if it sounds to good to be true, it usually is
- Avoid downloading pirated software – Eventually, doing so will only end up costing you far more money than you save by just buying a legitimate copy of the software you need in the first place
- Be especially wary when using Social Networking Sites like FaceBook, Twitter etc (check my last blog post on precisely that topic)
- Use a STRONG password – A good place to check how strong the password you’re using is here “Microsoft Safety & Security Centre”
Prevention is always better than cure.. while it’s a pain in the rear to take the time out to make sure your computer is up to date with Security Updates, it’s far more painful when (not if) you get bitten and have to spend hours and / or $$$ on repairs.
Till the next time…