{"id":16849,"date":"2023-09-06T14:57:18","date_gmt":"2023-09-06T14:57:18","guid":{"rendered":"http:\/\/www.namorgy.com\/blog\/?p=16849"},"modified":"2023-09-06T14:57:20","modified_gmt":"2023-09-06T14:57:20","slug":"researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol","status":"publish","type":"post","link":"http:\/\/www.namorgy.com\/blog\/2023\/09\/06\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\/","title":{"rendered":"Researchers uncover novel RDStealer malware targeting remote desktop protocol"},"content":{"rendered":"\n

By\u00a0Richard Speed<\/a><\/p>\n\n\n\n

Experts said the level of disguise observed in this campaign \u201csurpasses anything witnessed thus far\u201d<\/p>\n\n\n\n

\"\"\/<\/figure>\n\n\n\n

Security researchers have uncovered a brand-new malware strain targeting Windows\u2019 remote desktop protocol (RDP).<\/p>\n\n\n\n

Experts at Bitdefender Labs revealed the newly discovered malware<\/u><\/a> today, dubbed RDStealer. <\/p>\n\n\n\n

RDStealer takes the form of a server-side implant that monitors incoming connections with client drive mapping enabled.<\/p>\n\n\n\n

Once connected, an\u00a0RDP<\/u><\/a>\u00a0client is infected with the Logutil malware, allowing data (including credentials and private keys) to be extracted.<\/p>\n\n\n\n

<\/p>\n\n\n\n

Read more at: https:\/\/www.itpro.com\/security\/malware\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol<\/a><\/p>\n\n\n\n

<\/p>\n\n\n\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

By\u00a0Richard Speed Experts said the level of disguise observed in this campaign \u201csurpasses anything witnessed thus far\u201d Security researchers have uncovered a brand-new malware strain targeting Windows\u2019 remote desktop protocol …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"sfsi_plus_gutenberg_text_before_share":"","sfsi_plus_gutenberg_show_text_before_share":"","sfsi_plus_gutenberg_icon_type":"","sfsi_plus_gutenberg_icon_alignemt":"","sfsi_plus_gutenburg_max_per_row":"","footnotes":""},"categories":[1],"tags":[],"class_list":["post-16849","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"\nResearchers uncover novel RDStealer malware targeting remote desktop protocol -<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/www.namorgy.com\/blog\/2023\/09\/06\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Researchers uncover novel RDStealer malware targeting remote desktop protocol -\" \/>\n<meta property=\"og:description\" content=\"By\u00a0Richard Speed Experts said the level of disguise observed in this campaign \u201csurpasses anything witnessed thus far\u201d Security researchers have uncovered a brand-new malware strain targeting Windows\u2019 remote desktop protocol …\" \/>\n<meta property=\"og:url\" content=\"http:\/\/www.namorgy.com\/blog\/2023\/09\/06\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\/\" \/>\n<meta property=\"article:published_time\" content=\"2023-09-06T14:57:18+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-09-06T14:57:20+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.mos.cms.futurecdn.net\/o7aE2bbqGF7TeVESbqgZfb-970-80.jpg.webp\" \/>\n<meta name=\"author\" content=\"Namorgy\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Namorgy\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"http:\\\/\\\/www.namorgy.com\\\/blog\\\/2023\\\/09\\\/06\\\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\\\/#article\",\"isPartOf\":{\"@id\":\"http:\\\/\\\/www.namorgy.com\\\/blog\\\/2023\\\/09\\\/06\\\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\\\/\"},\"author\":{\"name\":\"Namorgy\",\"@id\":\"http:\\\/\\\/www.namorgy.com\\\/blog\\\/#\\\/schema\\\/person\\\/7037cc04551c43ba5e74edd08fda91c2\"},\"headline\":\"Researchers uncover novel RDStealer malware targeting remote desktop protocol\",\"datePublished\":\"2023-09-06T14:57:18+00:00\",\"dateModified\":\"2023-09-06T14:57:20+00:00\",\"mainEntityOfPage\":{\"@id\":\"http:\\\/\\\/www.namorgy.com\\\/blog\\\/2023\\\/09\\\/06\\\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\\\/\"},\"wordCount\":104,\"image\":{\"@id\":\"http:\\\/\\\/www.namorgy.com\\\/blog\\\/2023\\\/09\\\/06\\\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/cdn.mos.cms.futurecdn.net\\\/o7aE2bbqGF7TeVESbqgZfb-970-80.jpg.webp\",\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"http:\\\/\\\/www.namorgy.com\\\/blog\\\/2023\\\/09\\\/06\\\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\\\/\",\"url\":\"http:\\\/\\\/www.namorgy.com\\\/blog\\\/2023\\\/09\\\/06\\\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\\\/\",\"name\":\"Researchers uncover novel RDStealer malware targeting remote desktop protocol -\",\"isPartOf\":{\"@id\":\"http:\\\/\\\/www.namorgy.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"http:\\\/\\\/www.namorgy.com\\\/blog\\\/2023\\\/09\\\/06\\\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\\\/#primaryimage\"},\"image\":{\"@id\":\"http:\\\/\\\/www.namorgy.com\\\/blog\\\/2023\\\/09\\\/06\\\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/cdn.mos.cms.futurecdn.net\\\/o7aE2bbqGF7TeVESbqgZfb-970-80.jpg.webp\",\"datePublished\":\"2023-09-06T14:57:18+00:00\",\"dateModified\":\"2023-09-06T14:57:20+00:00\",\"author\":{\"@id\":\"http:\\\/\\\/www.namorgy.com\\\/blog\\\/#\\\/schema\\\/person\\\/7037cc04551c43ba5e74edd08fda91c2\"},\"breadcrumb\":{\"@id\":\"http:\\\/\\\/www.namorgy.com\\\/blog\\\/2023\\\/09\\\/06\\\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\\\/\\\/www.namorgy.com\\\/blog\\\/2023\\\/09\\\/06\\\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"http:\\\/\\\/www.namorgy.com\\\/blog\\\/2023\\\/09\\\/06\\\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\\\/#primaryimage\",\"url\":\"https:\\\/\\\/cdn.mos.cms.futurecdn.net\\\/o7aE2bbqGF7TeVESbqgZfb-970-80.jpg.webp\",\"contentUrl\":\"https:\\\/\\\/cdn.mos.cms.futurecdn.net\\\/o7aE2bbqGF7TeVESbqgZfb-970-80.jpg.webp\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\\\/\\\/www.namorgy.com\\\/blog\\\/2023\\\/09\\\/06\\\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\\\/\\\/www.namorgy.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Researchers uncover novel RDStealer malware targeting remote desktop protocol\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\\\/\\\/www.namorgy.com\\\/blog\\\/#website\",\"url\":\"http:\\\/\\\/www.namorgy.com\\\/blog\\\/\",\"name\":\"Namorgy.com\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\\\/\\\/www.namorgy.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"http:\\\/\\\/www.namorgy.com\\\/blog\\\/#\\\/schema\\\/person\\\/7037cc04551c43ba5e74edd08fda91c2\",\"name\":\"Namorgy\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e20986966f4472043ecdaf2cf41caaa3d2477283bd208dfc1d663755a5100b2c?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e20986966f4472043ecdaf2cf41caaa3d2477283bd208dfc1d663755a5100b2c?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/e20986966f4472043ecdaf2cf41caaa3d2477283bd208dfc1d663755a5100b2c?s=96&d=mm&r=g\",\"caption\":\"Namorgy\"},\"sameAs\":[\"http:\\\/\\\/www.namorgy.com\"],\"url\":\"http:\\\/\\\/www.namorgy.com\\\/blog\\\/author\\\/namorgy_12uffn\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Researchers uncover novel RDStealer malware targeting remote desktop protocol -","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/www.namorgy.com\/blog\/2023\/09\/06\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\/","og_locale":"en_US","og_type":"article","og_title":"Researchers uncover novel RDStealer malware targeting remote desktop protocol -","og_description":"By\u00a0Richard Speed Experts said the level of disguise observed in this campaign \u201csurpasses anything witnessed thus far\u201d Security researchers have uncovered a brand-new malware strain targeting Windows\u2019 remote desktop protocol …","og_url":"http:\/\/www.namorgy.com\/blog\/2023\/09\/06\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\/","article_published_time":"2023-09-06T14:57:18+00:00","article_modified_time":"2023-09-06T14:57:20+00:00","og_image":[{"url":"https:\/\/cdn.mos.cms.futurecdn.net\/o7aE2bbqGF7TeVESbqgZfb-970-80.jpg.webp","type":"","width":"","height":""}],"author":"Namorgy","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Namorgy","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"http:\/\/www.namorgy.com\/blog\/2023\/09\/06\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\/#article","isPartOf":{"@id":"http:\/\/www.namorgy.com\/blog\/2023\/09\/06\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\/"},"author":{"name":"Namorgy","@id":"http:\/\/www.namorgy.com\/blog\/#\/schema\/person\/7037cc04551c43ba5e74edd08fda91c2"},"headline":"Researchers uncover novel RDStealer malware targeting remote desktop protocol","datePublished":"2023-09-06T14:57:18+00:00","dateModified":"2023-09-06T14:57:20+00:00","mainEntityOfPage":{"@id":"http:\/\/www.namorgy.com\/blog\/2023\/09\/06\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\/"},"wordCount":104,"image":{"@id":"http:\/\/www.namorgy.com\/blog\/2023\/09\/06\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\/#primaryimage"},"thumbnailUrl":"https:\/\/cdn.mos.cms.futurecdn.net\/o7aE2bbqGF7TeVESbqgZfb-970-80.jpg.webp","inLanguage":"en-US"},{"@type":"WebPage","@id":"http:\/\/www.namorgy.com\/blog\/2023\/09\/06\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\/","url":"http:\/\/www.namorgy.com\/blog\/2023\/09\/06\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\/","name":"Researchers uncover novel RDStealer malware targeting remote desktop protocol -","isPartOf":{"@id":"http:\/\/www.namorgy.com\/blog\/#website"},"primaryImageOfPage":{"@id":"http:\/\/www.namorgy.com\/blog\/2023\/09\/06\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\/#primaryimage"},"image":{"@id":"http:\/\/www.namorgy.com\/blog\/2023\/09\/06\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\/#primaryimage"},"thumbnailUrl":"https:\/\/cdn.mos.cms.futurecdn.net\/o7aE2bbqGF7TeVESbqgZfb-970-80.jpg.webp","datePublished":"2023-09-06T14:57:18+00:00","dateModified":"2023-09-06T14:57:20+00:00","author":{"@id":"http:\/\/www.namorgy.com\/blog\/#\/schema\/person\/7037cc04551c43ba5e74edd08fda91c2"},"breadcrumb":{"@id":"http:\/\/www.namorgy.com\/blog\/2023\/09\/06\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/www.namorgy.com\/blog\/2023\/09\/06\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"http:\/\/www.namorgy.com\/blog\/2023\/09\/06\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\/#primaryimage","url":"https:\/\/cdn.mos.cms.futurecdn.net\/o7aE2bbqGF7TeVESbqgZfb-970-80.jpg.webp","contentUrl":"https:\/\/cdn.mos.cms.futurecdn.net\/o7aE2bbqGF7TeVESbqgZfb-970-80.jpg.webp"},{"@type":"BreadcrumbList","@id":"http:\/\/www.namorgy.com\/blog\/2023\/09\/06\/researchers-uncover-novel-rdstealer-malware-targeting-remote-desktop-protocol\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/www.namorgy.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Researchers uncover novel RDStealer malware targeting remote desktop protocol"}]},{"@type":"WebSite","@id":"http:\/\/www.namorgy.com\/blog\/#website","url":"http:\/\/www.namorgy.com\/blog\/","name":"Namorgy.com","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/www.namorgy.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"http:\/\/www.namorgy.com\/blog\/#\/schema\/person\/7037cc04551c43ba5e74edd08fda91c2","name":"Namorgy","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/e20986966f4472043ecdaf2cf41caaa3d2477283bd208dfc1d663755a5100b2c?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/e20986966f4472043ecdaf2cf41caaa3d2477283bd208dfc1d663755a5100b2c?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e20986966f4472043ecdaf2cf41caaa3d2477283bd208dfc1d663755a5100b2c?s=96&d=mm&r=g","caption":"Namorgy"},"sameAs":["http:\/\/www.namorgy.com"],"url":"http:\/\/www.namorgy.com\/blog\/author\/namorgy_12uffn\/"}]}},"_links":{"self":[{"href":"http:\/\/www.namorgy.com\/blog\/wp-json\/wp\/v2\/posts\/16849","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.namorgy.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.namorgy.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.namorgy.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.namorgy.com\/blog\/wp-json\/wp\/v2\/comments?post=16849"}],"version-history":[{"count":1,"href":"http:\/\/www.namorgy.com\/blog\/wp-json\/wp\/v2\/posts\/16849\/revisions"}],"predecessor-version":[{"id":16850,"href":"http:\/\/www.namorgy.com\/blog\/wp-json\/wp\/v2\/posts\/16849\/revisions\/16850"}],"wp:attachment":[{"href":"http:\/\/www.namorgy.com\/blog\/wp-json\/wp\/v2\/media?parent=16849"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.namorgy.com\/blog\/wp-json\/wp\/v2\/categories?post=16849"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.namorgy.com\/blog\/wp-json\/wp\/v2\/tags?post=16849"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}