Over 9,000 VNC servers exposed online without a password


Researchers have discovered at least 9,000 exposed VNC (virtual network computing) endpoints that can be accessed and used without authentication, allowing threat actors easy access to internal networks.

VNC (virtual network computing) is a platform-independent system for connecting to machines that need monitoring and adjustment; it provides control of a remote computer via the RFB (remote framebuffer) protocol over a network connection.

If these endpoints aren’t properly secured with a password, which is often the result of negligence, error, or a decision taken for convenience, they can serve as entry points for unauthorized users, including threat actors with malicious intentions.

Depending on what systems lie behind the exposed VNCs (water treatment facilities, for example), the consequences of abusing that access could be devastating for entire communities.

Alarming findings

Security weakness hunters at Cyble scanned the web for internet-facing VNC instances with no password and found over 9,000 accessible servers.

Unsecured VNCs spread across the world (Cyble)

Most of the exposed instances are located in China and Sweden, while the United States, Spain, and Brazil followed in the top 5 with significant volumes of unprotected VNCs.

Countries with the most exposed VNC instances (Cyble)

To make matters worse, Cyble found that some of these exposed VNC instances belong to industrial control systems, which should never be exposed to the Internet.

“During the course of the investigation, researchers were able to narrow down multiple Human Machine Interface (HMI) systems, Supervisory Control And Data Acquisition Systems (SCADA), Workstations, etc., connected via VNC and exposed over the internet,” details Cyble in the report.

In one of the explored cases, the exposed VNC access led to an HMI for controlling pumps on a remote SCADA system in an unnamed manufacturing unit.

Accessing a pump-controlling HMI over an unprotected VNC (Cyble)

To see how often attackers target VNC servers, Cyble used its cyber-intelligence tools to monitor for attacks on port 5900, the default port for VNC, and recorded over six million requests in one month.

Most attempts to access VNC servers originated from the Netherlands, Russia, and the United States.

Demand for VNC access

Demand for accessing critical networks via exposed or cracked VNCs is high on hacker forums, as this kind of access can, under certain circumstances, be used for deeper network infiltration.

Threat actor asking to buy VNC access

“Adversaries may abuse VNC to perform malicious actions as the logged-on user such as opening documents, downloading files, and running arbitrary commands,” a Cyble researcher told Bleeping Computer during a private discussion.

“An adversary could use VNC to remotely control and monitor a system to collect data and information to pivot to other systems within the network.”

In other cases, security enthusiasts offer instructions on how users can scan and locate these exposed instances on their own.

Instructions on how to find exposed VNCs

A darknet forum post seen by Bleeping Computer features a long list of exposed VNC instances with very weak or no passwords.

List of VNCs with weak or no passwords

The prevalence of weak passwords raises another concern around VNC security, as Cyble's investigation focused only on instances that had the authentication layer completely disabled.

If poorly secured servers whose passwords are easy to crack had been included, the number of potentially vulnerable instances would be much higher.

On that front, it is essential to remember that many VNC products do not support passwords longer than eight characters, so they remain inherently weak even when the sessions and passwords are encrypted.

VNC admins are advised to never expose servers directly to the Internet, and if they must be remotely accessible, at least place them behind a VPN to secure access to the servers.

Even then, admins should always add a password to instances to restrict access to the VNC servers.
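The article's findings turn on one protocol detail: during the RFB handshake a VNC server announces which security types it supports, and an exposed server that offers type 1 ("None") is exactly the unauthenticated case Cyble counted. The audit helper below is an added example for checking your own VNC inventory; it is not Cyble's or BleepingComputer's tooling. Message layouts follow RFC 6143 (RFB 3.3 and 3.7/3.8), the function names and verdict labels are this example's own, and the handshake captures in `SAMPLE_CAPTURES` are constructed rather than taken from real hosts.

```python
"""Classify the authentication a VNC server offers from its RFB handshake.

Added example for auditing your own VNC inventory; not Cyble's tooling.
Layouts follow RFC 6143. Sample captures are constructed, not real hosts.
"""
import socket
import struct

# Security-type numbers from the RFB registry (RFC 6143, section 7.1.2).
SECURITY_TYPE_NAMES = {
    0: "invalid",
    1: "None",                # no authentication at all
    2: "VNC Authentication",  # DES challenge on an 8-byte password, no encryption
    16: "Tight",
    18: "TLS",
    19: "VeNCrypt",
}


def parse_protocol_version(data):
    """Parse the 12-byte 'RFB xxx.yyy\\n' message and return (major, minor)."""
    if len(data) < 12 or data[:4] != b"RFB " or data[7:8] != b"." or data[11:12] != b"\n":
        raise ValueError("not an RFB ProtocolVersion message")
    return int(data[4:7]), int(data[8:11])


def _read_reason(data):
    """Decode the length-prefixed reason string that follows a refused handshake."""
    if len(data) < 4:
        return ""
    (length,) = struct.unpack(">I", data[:4])
    return data[4:4 + length].decode("latin-1", "replace")


def parse_security_types(major, minor, data):
    """Return (types, reason) from the server's security message.

    RFB 3.3: the server dictates one type as a 4-byte big-endian integer.
    RFB 3.7+: a 1-byte count followed by that many type bytes; a count of
    zero means the connection was refused and a reason string follows.
    """
    if (major, minor) < (3, 7):
        if len(data) < 4:
            raise ValueError("truncated RFB 3.3 security message")
        (sec_type,) = struct.unpack(">I", data[:4])
        return ([], _read_reason(data[4:])) if sec_type == 0 else ([sec_type], "")
    if not data:
        raise ValueError("empty security message")
    count = data[0]
    if count == 0:
        return [], _read_reason(data[1:])
    types = list(data[1:1 + count])
    if len(types) != count:
        raise ValueError("truncated security-type list")
    return types, ""


def classify(types):
    """Map the offered security types to an audit verdict (labels are this example's own)."""
    if not types:
        return "REFUSED"
    if 1 in types:
        return "UNAUTHENTICATED"   # a client may simply pick 'None'
    if types == [2]:
        return "PASSWORD_ONLY"     # classic VNC auth: 8-char limit, no transport encryption
    return "OTHER"


def audit_handshake(stream):
    """Audit a captured server-side handshake: ProtocolVersion + security message."""
    major, minor = parse_protocol_version(stream[:12])
    types, reason = parse_security_types(major, minor, stream[12:])
    return {
        "version": "%d.%d" % (major, minor),
        "types": types,
        "names": [SECURITY_TYPE_NAMES.get(t, "type %d" % t) for t in types],
        "verdict": classify(types),
        "reason": reason,
    }


def probe(host, port=5900, timeout=3.0):
    """Fetch the handshake from one of your own servers and audit it.

    Only the version exchange and the security list are read; no
    authentication is attempted and the socket is closed right after.
    """
    with socket.create_connection((host, port), timeout=timeout) as sock:
        version = sock.recv(12)
        major, minor = parse_protocol_version(version)
        # Reply with the server's version, capped at 3.8 (the highest in RFC 6143).
        reply = version if (major, minor) <= (3, 8) else b"RFB 003.008\n"
        sock.sendall(reply)
        return audit_handshake(version + sock.recv(1024))


# Constructed server-side captures (not from real hosts).
SAMPLE_CAPTURES = {
    "open-3.8": b"RFB 003.008\n\x01\x01",
    "vncauth-3.8": b"RFB 003.008\n\x01\x02",
    "open-3.3": b"RFB 003.003\n\x00\x00\x00\x01",
    "vencrypt-3.8": b"RFB 003.008\n\x02\x02\x13",
    "refused-3.8": b"RFB 003.008\n\x00\x00\x00\x00\x04busy",
}


def audit_samples():
    """Return {name: verdict} for every constructed capture."""
    return {name: audit_handshake(raw)["verdict"] for name, raw in SAMPLE_CAPTURES.items()}


if __name__ == "__main__":
    for name, raw in SAMPLE_CAPTURES.items():
        result = audit_handshake(raw)
        print("%-13s RFB %s  %-15s %s" % (name, result["version"], result["verdict"],
                                          result["names"] or result["reason"]))
```

Run as-is, the script classifies the constructed captures; `probe("host", 5900)` applies the same checks to a server you administer. An `UNAUTHENTICATED` verdict is the condition the article describes, and `PASSWORD_ONLY` flags the eight-character classic scheme discussed above, which is why the recommended fix is to keep the service off the Internet or behind a VPN rather than to rely on that password alone.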
