A sneaky new Windows computer worm is spreading quickly by going after the keys to the castle — users' weak passwords.
The worm, dubbed "Morto," is infecting workstations and servers through Microsoft Windows Remote Desktop Protocol (RDP), the feature that lets users log in to a Windows machine's desktop over the network, Microsoft wrote on its TechNet blog.
Once a machine is infected, Morto scans the local network for other computers that have RDP enabled, that is, listening on TCP port 3389. When it finds one, it tries to log in as Administrator with a fixed list of passwords. If a guess succeeds, it installs itself on the new host, after which it can download more malicious software and can be directed to launch denial-of-service attacks.
Morto relies on no exploit at all. It simply hammers each target with a list of roughly 30 common passwords, including "admin," "111," "123456," "666666," "111111" and perhaps the weakest and most predictable of all, "password."
"This particular worm highlights the importance of setting strong system passwords … the ability of attackers to exploit weak passwords shouldn't be underestimated," Microsoft wrote.
User comments in a Windows server forum indicate that anti-virus software is unable to detect Morto, and that the worm is infecting fully patched, clean installations of Windows Server 2003 and Windows 7, the security firm Kaspersky Lab reported. That is consistent with how it spreads: it exploits no software flaw, only weak credentials, so a patch cannot stop it and a strong Administrator password can.
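Because the worm uses valid logons rather than an exploit, the place it does leave a trace is the Windows Security log: a burst of failed RDP logons (event 4625, logon type 10) from one source against one account, possibly followed by a success (event 4624) from that same source. The following script is an added example, not code from the article or from Microsoft; it runs over a few constructed log lines in an assumed, simplified one-line-per-event format and flags both the guessing burst and the more serious success-after-failures pattern. Treating logon type 3 as RDP-relevant is an assumption for hosts with Network Level Authentication enabled, where a rejected credential can be logged as a network logon instead.

```python
"""Flag RDP password-guessing bursts in Windows Security log events.

Assumed input (not a real capture): one event per line, whitespace-separated as
  <ISO timestamp> <EventID> <TargetUserName> <LogonType> <IpAddress>
with fields taken from Security events 4625 (failed logon) and 4624 (logon).
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

FAILED_LOGON = 4625
SUCCESS_LOGON = 4624
# Logon type 10 is RemoteInteractive (RDP). With Network Level Authentication a
# rejected credential can be logged as type 3 (Network) instead, so this example
# assumes both types are worth watching.
RDP_LOGON_TYPES = {10, 3}

# Constructed sample: a user who mistypes once and then logs in, a Morto-style
# burst against Administrator from one source that ends in a successful logon,
# and an unrelated local (type 2) failure that must be ignored.
SAMPLE_LOG = """\
2011-08-28T03:11:50 4625 alice 10 192.0.2.10
2011-08-28T03:11:58 4624 alice 10 192.0.2.10
2011-08-28T03:12:00 4625 Administrator 10 192.0.2.44
2011-08-28T03:12:05 4625 Administrator 10 192.0.2.44
2011-08-28T03:12:10 4625 Administrator 10 192.0.2.44
2011-08-28T03:12:15 4625 Administrator 10 192.0.2.44
2011-08-28T03:12:20 4625 Administrator 10 192.0.2.44
2011-08-28T03:12:25 4625 Administrator 10 192.0.2.44
2011-08-28T03:12:30 4625 Administrator 10 192.0.2.44
2011-08-28T03:12:35 4625 Administrator 10 192.0.2.44
2011-08-28T03:12:40 4625 Administrator 10 192.0.2.44
2011-08-28T03:12:45 4625 Administrator 10 192.0.2.44
2011-08-28T03:12:50 4625 Administrator 10 192.0.2.44
2011-08-28T03:12:55 4625 Administrator 10 192.0.2.44
2011-08-28T03:13:00 4624 Administrator 10 192.0.2.44
2011-08-28T03:13:30 4625 bob 2 192.0.2.12
"""


def parse_event(line):
    """Split one assumed-format line into a dict of typed fields."""
    ts, event_id, user, logon_type, ip = line.split()
    return {
        "time": datetime.fromisoformat(ts),
        "event_id": int(event_id),
        "user": user,
        "logon_type": int(logon_type),
        "ip": ip,
    }


def detect_rdp_bruteforce(lines, threshold=10, success_after=3,
                          window=timedelta(minutes=5)):
    """Return alerts for (source IP, account) pairs that show guessing activity.

    "bruteforce": at least `threshold` failures inside `window`, reported once.
    "success_after_failures": a successful logon preceded by at least
    `success_after` failures inside `window` from the same source; this is
    the signal that a guess worked and the host should be treated as compromised.
    """
    alerts = []
    recent = defaultdict(deque)   # (ip, user) -> timestamps of recent failures
    flagged = set()               # pairs already reported as bruteforce
    for line in lines:
        if not line.strip():
            continue
        ev = parse_event(line)
        if ev["logon_type"] not in RDP_LOGON_TYPES:
            continue
        key = (ev["ip"], ev["user"])
        fails = recent[key]
        # Slide the window: forget failures older than `window`.
        while fails and ev["time"] - fails[0] > window:
            fails.popleft()
        if ev["event_id"] == FAILED_LOGON:
            fails.append(ev["time"])
            if len(fails) >= threshold and key not in flagged:
                flagged.add(key)
                alerts.append({"kind": "bruteforce", "ip": ev["ip"],
                               "user": ev["user"], "failures": len(fails),
                               "time": ev["time"]})
        elif ev["event_id"] == SUCCESS_LOGON:
            if len(fails) >= success_after:
                alerts.append({"kind": "success_after_failures", "ip": ev["ip"],
                               "user": ev["user"], "failures": len(fails),
                               "time": ev["time"]})
            fails.clear()
    return alerts


if __name__ == "__main__":
    for alert in detect_rdp_bruteforce(SAMPLE_LOG.splitlines()):
        print(alert)
```

On the constructed sample this reports one "bruteforce" alert for 192.0.2.44 against Administrator when the tenth failure lands, and one "success_after_failures" alert when the later 4624 arrives; alice's single mistake and bob's local failure produce nothing. The threshold is deliberately low because Morto's list is only about 30 entries long: a detector tuned for thousands of attempts would miss a worm that gives up, or succeeds, after a few dozen.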
Microsoft recommends passwords at least 14 characters long that mix letters, numbers, punctuation and symbols. It is also important to use a different password for each account and system, and to avoid common names, dictionary words or slang terms, since automated password-guessing tools can run through an entire dictionary in minutes.