Morto is an old-fashioned internet worm, which targets Windows workstations and servers by exploiting poorly-chosen weak passwords. SophosLabs has received a very low number of reports of this worm being seen in the wild. Morto has in its armoury a library of commonly-used passwords. The worm attempts to spread to network shares using port 3389 (RDP), and tries to read and write to files in the remote folder \tsclienta. The worm has gone through several revisions.”]
Source: https://nakedsecurity.sophos.com/2011/08/30/morto-rdp-worm-of-death/

