
MultiRDP Malware Enables Multiple Simultaneous RDP Connections

Highlights

  • MultiRDP malware permits multiple RDP connections by modifying memory.

  • ASEC identified evolving tactics in attacks using MultiRDP malware.

  • Organizations must enhance security measures to combat these threats.

Kaan Demirel
Last updated: 11 June, 2024 - 3:16 pm

Threat actors are using the Remote Desktop Protocol (RDP) to gain unauthorized access to networks, fully control systems, extract sensitive data, and implant malware. The recent discovery of the MultiRDP malware by ASEC cybersecurity researchers has revealed that this malware allows multiple attackers to connect via RDP by modifying the memory, posing significant risks to targeted systems. This revelation underscores the evolving tactics of cyber attackers and the need for enhanced cybersecurity measures.

Contents

  • MultiRDP Malware Tactics
  • Key Inferences from the Findings

MultiRDP malware is a tool that allows multiple simultaneous RDP connections to a single system. It was launched recently and has been used by various threat actors to facilitate unauthorized access and control over targeted networks. The malware modifies the system’s memory to permit multiple RDP sessions, making it easier for attackers to collaborate and carry out complex attacks without being detected. This tool has been particularly detrimental to businesses and organizations that rely heavily on RDP for remote access and management of their IT infrastructure.

ASEC’s recent findings indicate that the attacks linked to MultiRDP malware were first identified in November 2023. They were initially associated with the Kimsuky group but exhibited distinct characteristics, such as using software updaters for lateral movement and deploying Andariel’s DurianBeacon backdoor. These attacks resumed in February 2024, with the final payload being replaced by the SmallTiger downloader, demonstrating a shift in tactics by the threat actors.

MultiRDP Malware Tactics

The MultiRDP malware attacks involved dropping a service named “mozillasvcone” through software updater programs, which then loaded an encrypted DLL. This DLL decrypted and executed additional files directly in memory, deploying an updated edition of the DurianBeacon RAT. The multistage infection process indicated evolving techniques, combining unknown delivery mechanisms with familiar malware families such as DurianBeacon and SmallTiger. The attackers utilized Mimikatz and ProcDump for credential theft, further complicating the threat landscape.

ASEC confirmed that SmallTiger malware was actively distributed in November 2023, with ongoing attacks targeting South Korean companies. The same threat actor exploited different software vulnerabilities to deploy the SmallTiger downloader malware, which downloaded and executed subsequent payloads in memory. The attackers also used GitHub for distributing SmallTiger in May 2024, highlighting the persistent and adaptive nature of these cyber threats.

Key Inferences from the Findings

– MultiRDP malware allows multiple simultaneous RDP connections by modifying system memory.
– The use of known malware strains like DurianBeacon and SmallTiger points to adaptive threat actor tactics.
– Credential theft via tools like Mimikatz and ProcDump complicates the cybersecurity landscape.

The evolving threat landscape necessitates a robust response from cybersecurity professionals and organizations. Companies must enhance their security monitoring and implement timely vulnerability patches to mitigate the risks posed by advanced malware like MultiRDP. Ensuring the latest updates for operating systems, browsers, and security software is crucial in preventing infections and safeguarding sensitive data. Additionally, maintaining vigilance against suspicious email attachments and downloaded executables can help reduce the risk of malware infiltration.
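As an added example of the monitoring described above (not code from ASEC or from this article), the sketch below flags two things over exported Windows events: installation of the "mozillasvcone" service named in the report, and a host holding more remote sessions at once than expected. The record layout, hostnames, users, and addresses are constructed, and the one-session limit assumes a workstation that normally allows a single RDP session.

```python
from datetime import datetime

# Constructed sample records (not from the ASEC report), shaped like exported
# Windows events: TerminalServices-LocalSessionManager/Operational IDs 21/25
# (session logon / reconnect), 23/24 (logoff / disconnect), System ID 7045.
SAMPLE_EVENTS = [
    {"time": "2024-02-10T08:50:00", "host": "WS-01", "id": 7045, "service": "mozillasvcone"},
    {"time": "2024-02-10T09:00:00", "host": "WS-01", "id": 21, "session": 2, "user": "alice", "src": "10.0.0.5"},
    {"time": "2024-02-10T09:05:00", "host": "WS-01", "id": 21, "session": 3, "user": "svc_backup", "src": "10.0.0.77"},
    {"time": "2024-02-10T09:30:00", "host": "WS-01", "id": 24, "session": 2},
    {"time": "2024-02-10T10:00:00", "host": "WS-02", "id": 21, "session": 2, "user": "bob", "src": "10.0.0.9"},
    {"time": "2024-02-10T10:30:00", "host": "WS-02", "id": 23, "session": 2},
    {"time": "2024-02-10T10:45:00", "host": "WS-02", "id": 21, "session": 3, "user": "carol", "src": "10.0.0.10"},
]

WATCHED_SERVICES = {"mozillasvcone"}  # service name given in the article
START, END = {21, 25}, {23, 24}       # session becomes active / stops being active


def find_alerts(events, max_sessions=1):
    """Return alerts for watched service installs and for hosts that hold
    more than max_sessions active remote sessions at the same time.

    max_sessions=1 is an assumption for client editions of Windows;
    raise it for servers that legitimately allow more sessions.
    """
    alerts = []
    active = {}  # host -> {session id: (user, source address)}
    for ev in sorted(events, key=lambda e: datetime.fromisoformat(e["time"])):
        host = ev["host"]
        if ev["id"] == 7045 and ev.get("service", "").lower() in WATCHED_SERVICES:
            alerts.append(("service_install", host, ev["time"], ev["service"]))
        elif ev["id"] in START and ev.get("src", "LOCAL") != "LOCAL":
            sessions = active.setdefault(host, {})
            sessions[ev["session"]] = (ev["user"], ev["src"])
            if len(sessions) > max_sessions:
                alerts.append(("concurrent_rdp", host, ev["time"], sorted(sessions.values())))
        elif ev["id"] in END:
            # Disconnected or logged-off sessions no longer count as active.
            active.get(host, {}).pop(ev["session"], None)
    return alerts


if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_EVENTS):
        print(alert)
```

Sequential logons on the same host, as on WS-02 in the sample, do not alert; only overlapping remote sessions do.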
