Malwarebytes Brute Force Protection (BFP)

Stand up to the rise in brute force attacks with secure remote access.


A rising threat

Remote Desktop Protocol (RDP) attacks are rising as more organizations work from home. Brute force RDP attacks from across the globe seek to gain access to an Internet-connected computer, and then use it to infect other devices and servers on the network.

This product includes GeoLite2 Data created by MaxMind, available from

Every week Malwarebytes Brute Force Protection blocks close to 1 million attacks on RDP connections world-wide.

what is a brute force attack

What is a brute force attack?

In a brute force attack an attacker attempts to gain access to a computer by guessing the username and password of one of its users. Some attacks will try a limited number of usernames and passwords on as many computers as possible, while others will try tens of thousands of usernames and passwords on a single computer. Attacks are automated and relentless, and can start within hours of a computer being connected to the Internet.

What can cybercriminals do using brute force attacks?

Hijack devices. Attackers operating ransomware such as Egregor and REvil use exposed RDP connections to access a vulnerable device.

Infiltrate your network. Once attackers have a foothold on one endpoint, they can use it to gather information, map your network, and then attack it from the inside.

Hold your company hostage. Attackers take full control of your company’s network and hold it, and your data, hostage.

why you should care about brute force attacks
how to secure remote desktop access for your organization

How to secure remote desktop access for your organization?

Malwarebytes’ Brute Force Protection blocks brute force RDP attacks on Windows workstations and servers by blocking IP addresses that exceed a threshold of invalid login attempts.

Read the Brute Force Protection Whitepaper >

Benefits of Malwarebytes Brute Force Protection

Brute force attack prevention

Block IP addresses that exceed a threshold of invalid login attempts.

Instant alerts

Get notified the moment an attack occurs.

Set-and-forget defense

Fully automated, around-the-clock RDP security.

Cloud-based control

Manage configurations on the Nebula platform.

Flexible protection

Control how you react to attacks via multiple modes such as ‘Monitor and Detect’ or ‘Block.’

Servers and workstations

Protect both servers and workstations from brute force attacks.

Ready to secure your RDP?

Protect your small business today 

Learn more

VideoBytes video thumbnail

Our short VideoBytes episode for RDP security tips. Why brute force attacks are increasing.

Research Report

Protecting RDP connections to endpoints far and wide

Image of tools

Perkiler malware turns to SMB brute force to spread.

Brute Force FAQ

  • Restrict RDP access to only those that need it.
  • Enforce the use of strong passwords.
  • Implement two-factor authentication (2FA).
  • Use a virtual private network (VPN) to restrict access to RDP.

Brute force attacks are login attempts, but they don't look like normal users trying to log in. They can be identified by things like: The increased speed and frequency at which they occur, the unusual number of passwords used, and where the attempts originate.

Yes. In the US, UK and other jurisdictions, using a computer without its owner's permission is illegal.

Select your language

New Buy Online Partner Icon Warning Icon