AnyDesk remote acce...
Clear all

AnyDesk remote access software hacked and passwords reset

1 Posts
1 Users
0 Reactions
Brandon Lee
Posts: 554
Member Admin
Topic starter

AnyDesk, a widely utilized remote access solution, offers users the capability to remotely control computers across networks or the internet. This tool has garnered significant popularity within the enterprise sector for purposes such as remote support and managing colocated servers.

However, its utility extends beyond legitimate uses, with threat actors exploiting the software for sustained access to compromised devices and networks.

According to the company, its customer base spans 170,000 entities, featuring prominent names like 7-Eleven, Comcast, Samsung, MIT, NVIDIA, SIEMENS, and the United Nations.

Recent reports have surfaced about a security breach involving AnyDesk. The company became aware of the incident upon noticing unusual activity on their product servers, prompting a comprehensive security review. This examination revealed system compromises, leading to the immediate implementation of a response strategy, developed in collaboration with cybersecurity firm CrowdStrike.

In the aftermath, AnyDesk undertook measures such as revoking certain security certificates and updating their systems. They have assured their clientele of the software's security, emphasizing the absence of evidence pointing to any impact on end-user devices due to the breach.

AnyDesk, in a public announcement, confirmed the situation was managed and reassured the continued safety of using their application, urging customers to update to the latest version featuring a new code signing certificate.

Details regarding the theft of any information during the breach remain undisclosed by AnyDesk. Nonetheless, information obtained by BleepingComputer indicates that the attackers had access to source code and code signing certificates. While AnyDesk has stated that no authentication tokens were compromised, they have decided to revoke all passwords to their web portal as a precautionary step and advise users to change their passwords if the same credentials are used elsewhere.

Posted : 02/02/2024 9:35 pm