When you deploy a cloud-hosted Dynamics AX 2012 demo environment from Lifecycle Services (LCS), the password for Administrator is fixed and well known.
We have discovered that this causes unauthorized usage via RDP and hackers can use it to spread viruses and malware.
After the AX 2012 demo environment has been deployed to Azure, then you should change the password for the Administrator account.
In case you should forget the administrator password, it can be reset https://azure.microsoft.com/en-in/documentation/articles/virtual-machines-windows-reset-rdp/
Note that there are a few other user accounts that also have administrator permissions which could be used for remote access. Since some of these user accounts are used as service account there will be quite a job to change password on these accounts. Therefor an option is to restrict the allowed IP addresses in the firewall. Here are some articles about that: