Skip to main content

Hackers Are Now Using Remote Desktop Services For Ransomware

By May 2, 2019May 19th, 2022Cybersecurity

Ransomware continues to be the weapon of choice for hackers around the world, but their distribution methods are evolving.  Recently, a new strain of the ransomware known as CryptoMix was found in the wild, sporting a new distribution methodology.

Hackers are beginning to target publicly exposed remote desktop services and installing their poisoned software manually.

In the case of the remix of CryptoMix, once installed, the malware appends the .DLL extension to all encrypted files and predictably demands a ransom from the victim to get his or her files back. Despite the evolving delivery method, the threat remains the same, so perhaps it’s time for a review.

Here are several things your staff can do to minimize your risk of being taken offline by a ransomware attack:

  • Back your data up religiously. This isn’t so much a prevention strategy as it is an insurance policy.  It should go without saying, but too many SMBs don’t do this, so we wanted to list it first.
  • Make sure your employees are absolutely phobic when it comes to opening attachments from people they don’t know and trust. Even in cases where they recognize the sender, it’s always best to take the step of phone verification before actually opening the file.
  • All attachments should be scanned with a robust antivirus tool before opening
  • Be sure your people know not to connect Remote Desktop Services directly to the internet. Everyone using such services should do so via a VPN.
  • Make sure all Windows updates and security patches are installed in a timely fashion. Many a problem can be avoided simply by keeping your software up to date.
  • If you’re not using some type of security software that relies on behavioral detection or white list technology, you’re not doing your company any favors.

None of these things (even taken together) will absolutely ensure that you don’t fall victim to a determined hacker, but they will dramatically reduce your risk.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.