Kufufuza kwachitetezo kwapeza pulogalamu yaumbanda yomwe imatsegula madoko a Remote desktop pa firewall. Madoko a RDP (Remote desktop) amakhazikitsidwa, izi zimapangitsa kuti zikhale zosavuta kwa omwe akuukira kuzunza madoko a RDP pambuyo pake.
Pulogalamu yaumbanda ya Sarwent yakhala ikugwiritsidwa ntchito kuyambira 2018. Kumayambiriro kwa 2020 Vitali Kwemez adatumiza tweet yokhudza pulogalamu yaumbanda ya Sarwent koma pali zambiri zokhudza pulogalamu yaumbanda ya Sarwent pa intaneti.
Njira yomwe Sarwent pulogalamu yaumbanda imafalira sizidziwika kwathunthu; akukayikira kuti Sarwent imafalitsidwa kudzera pa pulogalamu yaumbanda ina, mwina mu botnets.
Zomwe zimadziwika za Sarwent ndikuti pambuyo pa matenda pulogalamu yaumbanda imapanga yatsopano Windows akaunti ya ogwiritsa pa kompyuta ndikutsegula doko la RDP 3389 pakompyuta ndi pa Firewall. RDP idzatsegulidwa kuti mtsogolomo mulowetse kompyuta yomwe ili ndi kachilombo kudzera muzomwe zidapangidwa Windows akaunti ya ogwiritsa.
Maadiresi a IP a Sarwent, ma hashes a MD5, ndi madera amadziwika kuchokera ku Sarwent, izi zimagawidwa ku IOCs (Indicators of compromise) kuti makampani azindikire Sarwent.