There are some malware that seem to lay dormant then pop back up when we are least expecting it. No matter what we do to protect ourselves it seems as if certain strains of malware keep coming back. Unlike the virus, a worm is a piece of malware that we have not seen in a long time. Once several variants of worms were being created all of the time, now we see so little of new types. But ask and you shall receive. Well it seems like they are back now. We are seeing a new worm hit the internet now and it is known as the RDP worm.
What is a worm?
Before we get into what a RDP worm is, we should let you know what a basic worm is first. Where the virus is a problem on the actual system where it resides, a worm is more of a problem on the actual networks. A worm is a piece of malware that will propagate itself on a network over and over again. A worm is sometimes used to spread other types of malware but for the most part a worm is pretty dangerous on its own. It can be used to clog networks, sort of a like a DDOS attack but more localized.
So what is a RDP worm?
The RDP worm is a piece of malware that is being spread through Microsoft software. It is being spread by the RDP protocol on Windows computers. Hence the name RDP. The RDP protocol is also known as Remote Desktop Protocol. That is the protocol that allows people to connect to either the server or their desktop at work when they are at home. Somehow the worm author found out how to exploit this technology to use for its own purposes. This particular worm being spread is known as Morto.
Right now, the damage being brought by the RDP worm is that it is looking for user passwords on the networks that it affects. Once it has the password no-one knows what it is doing with them yet. It does not seem to be sending them to a remote computer but that might change as well.