Kuferefetwa kwekuchengetedza kwawana malware anovhura Remote desktop ports pane firewall. Iwo RDP (Remote desktop) madoko akagadzwa, izvi zvinoita kuti zvive nyore kune varwisi kushandisa zvisizvo RDP zviteshi gare gare.
Iyo Sarwent malware yave ichishandiswa kubvira 2018. Pakutanga kwe2020 Vitali Kwemez akatumira tweet nezve Sarwent malware asi pane ruzivo rushoma nezve Sarwent malware painternet.
Nzira iyo Sarwent malware inopararira haina kunyatsozivikanwa; inofungidzirwa kuti Sarwent inopararira kuburikidza nedzimwe malware, pamwe mumabhoti.
Chii chinozivikanwa nezve Sarwent ndechekuti mushure mekutapukirwa iyo malware inogadzira nyowani Windows mushandisi account pakombuta uye inovhura RDP port 3389 pakombuta uye muFirewall. RDP inogona kuvhurwa kuitira kuti gare gare uwane komputa ine hutachiona kuburikidza neyakagadzirwa Windows mushandisi account.
Sarwent IP kero, MD5 hashes, uye madomasi anozivikanwa kubva kuSarwent, aya mashoko anogoverwa kuIOCs (Indicators of compromise) kuti makambani aone Sarwent.