Security researchers have found malware that opens remote desktop ports in the firewall. With the RDP (Remote Desktop) ports opened, attackers can easily abuse them later.
The Sarwent malware has been in use since 2018. In early 2020, Vitali Kremez posted a tweet about the Sarwent malware, but there is little information about it on the internet.
How the Sarwent malware spreads is not fully known; it is suspected that Sarwent is distributed through other malware, possibly botnets.
What is known about Sarwent is that, after infection, the malware creates a new Windows user account on the computer and opens RDP port 3389 on the computer and in the firewall. RDP is most likely opened so that the infected computer can be accessed later through the newly created Windows user account.
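A behavioural check for the pattern described above, as an added example that is not from the original article: it flags hosts where a new user account (Windows event 4720) and a firewall rule allowing inbound TCP 3389 (Windows Firewall event 2004) appear within a short window. The flat event layout, the 10-minute window, and all sample hosts, accounts and rule names are constructed assumptions.

```python
from datetime import datetime, timedelta

# Windows event IDs: 4720 = user account created (Security log),
# 2004 = rule added (Windows Firewall With Advanced Security log).
ACCOUNT_CREATED, FW_RULE_ADDED, RDP_PORT = 4720, 2004, 3389

def port_in_spec(port, spec):
    """Match a port against a rule spec such as '3389', '80,3389' or '3000-4000'."""
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        hi = hi or lo
        if lo.isdigit() and hi.isdigit() and int(lo) <= port <= int(hi):
            return True
    return False

def opens_rdp(e):
    """True for a rule-added event that allows inbound TCP traffic to port 3389."""
    return (e["event_id"] == FW_RULE_ADDED and e.get("direction") == "in"
            and e.get("action") == "allow" and e.get("protocol") == "tcp"
            and port_in_spec(RDP_PORT, e.get("local_ports", "")))

def correlate(events, window=timedelta(minutes=10)):
    """Pair each new account with an RDP-opening rule on the same host within window."""
    accounts = [e for e in events if e["event_id"] == ACCOUNT_CREATED]
    rules = [e for e in events if opens_rdp(e)]
    return sorted((a["host"], a["account"], r["rule_name"])
                  for a in accounts for r in rules
                  if a["host"] == r["host"] and abs(a["time"] - r["time"]) <= window)

# Helpers that build constructed sample events (assumed, already-normalised layout).
def t(clock):
    return datetime.fromisoformat("2020-05-20T" + clock)  # constructed date

def acct(host, clock, name):
    return {"event_id": ACCOUNT_CREATED, "host": host, "time": t(clock), "account": name}

def rule(host, clock, name, ports, direction="in"):
    return {"event_id": FW_RULE_ADDED, "host": host, "time": t(clock),
            "rule_name": name, "protocol": "tcp", "local_ports": ports,
            "direction": direction, "action": "allow"}

SAMPLE = [  # constructed data: only WS-01 and WS-04 show both behaviours together
    acct("WS-01", "10:00:05", "helper1"), rule("WS-01", "10:00:09", "Remote", "3389"),
    acct("WS-02", "09:00:00", "jdoe"), rule("WS-02", "09:01:00", "Web", "80,443"),
    rule("WS-03", "08:00:00", "RDP", "3389"), acct("WS-03", "14:00:00", "intern"),
    acct("WS-04", "11:00:00", "tmpadmin"), rule("WS-04", "11:03:00", "Range", "3000-4000"),
    acct("WS-05", "12:00:00", "ops"), rule("WS-05", "12:00:30", "Out", "3389", "out"),
]

if __name__ == "__main__":
    for host, account, rule_name in correlate(SAMPLE):
        print(f"{host}: new account {account!r} and inbound 3389 rule {rule_name!r}")
```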
Sarwent's IP addresses, MD5 hashes and domains are known; these details are shared with companies as IOCs (Indicators of Compromise) so that they can detect Sarwent.