النسخة العربية

Oman National CERT Towards a safe cyber environment

" Red Chungu" Training

For the first time in Oman ARCC is conducting the "Red Chungu" Training in Oman from 10 Sep 2017 to 14 Sep 2017

View
6th Regional Cyber Security Summit

6th Regional Cyber Security Summit

Date : 20th to 21st November 2017 ... Location : Sheraton Oman Hotel, Muscat

View
4th Oman National Cyber Drill

4th Oman National Cyber Drill

Date :23rd – 25th , October, 2017 ... Location : Grand Hormuz Hotel, Muscat

View
OIC-CERT Annual Conference 2017

OIC-CERT Annual Conference 2017

Date : 6 – 9 November 2017 ... Location : Baku, Azerbaijan

View
WannaCry Ransomware

WannaCry Ransomware

A major ransomware attack campaign hit computer systems and the attack appears to have affected a hundreds of private companies and public of organizations in several countries

View

Media Center

Share it

Online Incidents Report
Request OCERT Services
Information Security Glossary

OCERT News

 

Hacker Exposes Thousands of Insecure Desktops That Anyone Can Remotely View

OCERT Latest News

30/Mar/2016


Thousands of insecure desktops were publicly available for anyone with a VNC connection to view. A hacker, going by the handle of “Revolver”, created a script that cycled through IP addresses which tries to connect to unsecured servers through a web-based VNC viewer. If the script finds an available connection without any authentication, it will connect and grab a screenshot, otherwise the script will kill the session and move to a different IP address.


Thousands of desktops -- Windows, Macs, and even Linux machines -- were open to VNC connection without any passwords. And hundreds of screenshots captured exposed potentially highly-sensitive Supervisory Control and Data Acquisition (SCADA) systems, which are typically used in industrial facilities.


The thousands of screenshots which have been collected, were uploaded to a website called VNC Roulette, which shows a snapshot in time of a random internet-connected desktop. However, not all have been posted on the website as they contain critical/sensitive information.


The unfettered access to thousands of desktops is “not a configuration issue” or a flaw or vulnerability in how VNC is designed. It is the result of users' not setting a password even though an interface or message prompts users to make a password for security upon installation of VNC.


Workaround/Advices:

It is strongly recommended to setup password protection for all remote connection application (VNC, RDP, TeamViewer, etc.).

Setting a strong password (at least one uppercase character, one lowercase character, one special character and 8 characters in length) is highly recommended.


References:

Kindly refer to the reference provided below for additional information:

ZDNet - hxtp://www.zdnet.com/article/hacker-exposes-thousands-of-insecure-desktops-that-anyone-can-remotely-view/


  • News Archive