ADVERTISEMENT

An email with Windows RDP file gives Russian spies access to your drives

Disguised as a joint project between tech giants and a European government, one email can make your entire system a drive-thru for Kremlin-backed spies.

EU targeted by Russian hackers

Image by Cybernews

Paulina Okunytė
Paulina Okunytė Senior Journalist
Apr 8, 2025 Updated: 8 April 2025 3 min read
Ernestas Naprys vilius Gintaras Radauskas Paulina Okunyte
Don’t miss our latest stories on Google News
Add us as your Preferred Source on Google.

How does the trick work?

RDP phishing campaign
Unsigned RDP connection — warning banner. Source: GTIG
ADVERTISEMENT
RDP phishing campaign
Connection prompt. Source: GTIG
RDP phishing campaign
Victim’s mapped-drives as seen on an attacker’s RDP server. Source: GTIG
RDP phishing campaign
RDP RemoteApp (MsPaint.exe) hosted on the RDP server, as seen on a test victim machine. Source: GTIG

RDPs are vulnerable to attacks

ADVERTISEMENT