The Data Integrity security feature will monitor TeamViewer accounts for unusual behavior, such as being accessed from a new location as that might indicate an account has been compromised. When a new device attempts to sign into your TeamViewer account, you must click on a link in an email to confirm the device is trusted. ![]() To prevent an attacker from accessing your TeamViewer account, the company introduced Trusted Devices. They have taken advantage of common use of the same account information across multiple services to cause damage.Īt this point we want to underscore that TeamViewer account authentication uses the Secure Remote Password protocol (SRP) and therefore does not store any password-equivalent data. We are appalled by the behavior of cyber criminals, and are disgusted by their actions towards TeamViewer users. Unfortunately, credentials stolen in these external breaches have been used to access TeamViewer accounts, as well as other services. In an open letter to all TeamViewer users, the company wrote:Īs you have probably heard, there have been unprecedented large scale data thefts on popular social media platforms and other web service providers. TeamViewer issued a new statement on Friday, June 3, and announced launching Trusted Devices and Data Integrity security features. Therefore it is important to stress there are no TeamViewer hackers, but rather data thieves that will steal information from other sources.”īut still, there continues to be a flood of TeamViewer-related tweets and threads on Reddit. Neither do we have any information that would suggest that there is a security hole in TeamViewer. On May 23 in response to an article which claimed users were having their “bank accounts emptied by hackers gaining full-system access,” the company said, “There is no evidence to suggest that TeamViewer has been hacked. ![]() It warned against “careless use of account credentials” by reusing passwords across multiple accounts.Īccusations that TeamViewer was hacked had been flying even before the DoS attack. TeamViewer did experience an outage on June 1 due to “a denial-of-service attack aimed at the TeamViewer DNS-server infrastructure.” The company claimed it had nothing to do with users’ accounts being hijacked. Yet Bradley did question if TeamViewer was breached or if “some DNS mischief” took place. The attacker was simply going from one compromised machine to the next to identify who the victim was and what the timezone was, as demonstrated by the URL the attacker tried to go to. ![]() My speculation on the actual activity I witnessed is that it was basic recon. “At this point, I figured this was most likely due to me not changing my leaked password on TeamViewer,” he wrote. He mentioned the LinkedIn breach and that he had changed his password. He noted that some Reddit users have “claimed to have had their TeamViewer accounts compromised, bank accounts drained, gift cards purchased and more.”īradley had not used TeamViewer recently and had forgotten it was even installed on multiple machines. ![]() Had he not been there to witness and thwart the takeover, he said he would likely be writing about his “personal data leak” instead of how he was almost hacked. Sure enough, TeamViewer popped up on that machine and an attacker opened a browser to access a web page. He killed the app and dashed downstairs to another PC which had TeamViewer. Bradley said he was gaming on his PC when he lost control of his mouse and TeamViewer popped up. TeamViewer denied it has been hacked and launched two new security measures.Īfter experiencing a TeamViewer takeover, IBM security researcher Nick Bradley thinks password reuse may be the problem. A plethora of people with the remote desktop tool TeamViewer have been in an uproar after their machines were remotely hijacked in some cases over the past month or so, users had their bank or PayPal accounts sucked dry.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |