النسخة العربية

Oman National CERT Towards a safe cyber environment

Oman Threat Hunter 2018

Oman Threat Hunter 2018

“THREAT HUNTER” a national competition that is organized by ITU-Arab Regional Cybersecurity Center (ITU-ARCC) in a partnership with Silensec ...

View
Guide Manual for Reporting Abuse Through Social Media

Guide Manual for Reporting Abuse Through Social Media

This guidance booklet is written to facilitate reporting abuse process through Social Media and afford easy, smooth, and clear way of guidance to report over social media correctly.

View
Cybersecurity Specialized Training Courses

Cybersecurity Specialized Training Courses

Oman National CERT in cooperation with the Arab Regional Cybersecurity Center (ARCC) is conducting a series of specialized training in cybersecurity hosted in Oman.

View
Oman CERT participation in the Safer Internet Day 2018

Oman CERT participation in the Safer Internet Day 2018

Oman CERT is participating in the Safer Internet Day 2018 on 6th of February 2018, under the Theme: Create, connect and share respect: A better internet starts with you

View
Oman Cybersecurity CTF competition

Oman Cybersecurity CTF competition

ARCC in collaboration with Cyber Talents are organizing "Oman Cybersecurity CTF competition" hosted by ITA through Oman National CERT.

View

Media Center

Share it

Online Incidents Report
Request OCERT Services
Information Security Glossary

OCERT News

 

Hacker Exposes Thousands of Insecure Desktops That Anyone Can Remotely View

OCERT Latest News

30/Mar/2016


Thousands of insecure desktops were publicly available for anyone with a VNC connection to view. A hacker, going by the handle of “Revolver”, created a script that cycled through IP addresses which tries to connect to unsecured servers through a web-based VNC viewer. If the script finds an available connection without any authentication, it will connect and grab a screenshot, otherwise the script will kill the session and move to a different IP address.


Thousands of desktops -- Windows, Macs, and even Linux machines -- were open to VNC connection without any passwords. And hundreds of screenshots captured exposed potentially highly-sensitive Supervisory Control and Data Acquisition (SCADA) systems, which are typically used in industrial facilities.


The thousands of screenshots which have been collected, were uploaded to a website called VNC Roulette, which shows a snapshot in time of a random internet-connected desktop. However, not all have been posted on the website as they contain critical/sensitive information.


The unfettered access to thousands of desktops is “not a configuration issue” or a flaw or vulnerability in how VNC is designed. It is the result of users' not setting a password even though an interface or message prompts users to make a password for security upon installation of VNC.


Workaround/Advices:

It is strongly recommended to setup password protection for all remote connection application (VNC, RDP, TeamViewer, etc.).

Setting a strong password (at least one uppercase character, one lowercase character, one special character and 8 characters in length) is highly recommended.


References:

Kindly refer to the reference provided below for additional information:

ZDNet - hxtp://www.zdnet.com/article/hacker-exposes-thousands-of-insecure-desktops-that-anyone-can-remotely-view/


  • News Archive