Research by Microsoft shows that the new campaign in which attackers exploit RDP instances vulnerable to the BlueKeep vulnerability in order to install cryptojacking malware, is likely tied to a cryptojacking campaign observed in September of this year. BlueKeep is a critical remote code execution flaw affecting RDP services on unpatched older Windows systems.
The tech giant agrees with other researchers that in the future, “the BlueKeep exploit will likely be used to deliver payloads more impactful and damaging than coin miners.” It therefore organizations to “locate and patch exposed RDP services now.”
Read more: Microsoft Warns of More Harmful Windows BlueKeep Attacks, Patch Now