TechTeamViewer hit by Russian hackers, no customer data compromised

TeamViewer hit by Russian hackers, no customer data compromised

TeamViewer fell victim to Russian hackers. Previously, the company had faced attacks by Chinese hackers. This time, the security breach occurred by taking over an IT employee’s account.

Russian hackers attacked again
Russian hackers attacked again
Images source: © Adobe Stock

11:28 AM EDT, July 5, 2024

The owners of TeamViewer software are facing significant problems. According to Sekuraka’s editorial team, a hacking attack has taken place. This time, the popular remote access program was targeted by the Russian cybercriminal group APT29. In the past, TeamViewer had been attacked by another group—the Chinese APT group.

TeamViewer’s troubles began on June 26. It was reported that a security breach might have occurred in the corporate network. The security breach concerned the internal network, independent of the production environment. There are no suspicions of customer data being compromised.

The next day, NCC Group and Health-ISAC warnings appeared online, directed at their clients. They stated that the APT29 group had breached the platform’s security and used it in attacks. As cited by Sekurak, users were advised to review event logs for unusual activity related to remote desktop operations.

TeamViewer’s security department responded to this information and issued an update. Analyses revealed that the security breach occurred when an IT employee’s account was taken over.

Russian hackers attacked TeamViewer

TeamViewer confirmed that the APT29 group carried out the attack. It was emphasized again that the attack took place in the internal environment and did not impact the production environment. The attack did not affect the servers, networks, and accounts that could give access to TeamViewer’s customer infrastructure.

The published information indicates that hackers used the compromised account to copy data from the employee directory, including names, company contact details, and encrypted passwords, to the internal IT environment. Sekurak emphasizes that TeamViewer admitted to starting a rebuild of the internal environment to make it more secure. Microsoft assisted in responding to the attack.

© essanews.com
·

Downloading, reproduction, storage, or any other use of content available on this website—regardless of its nature and form of expression (in particular, but not limited to verbal, verbal-musical, musical, audiovisual, audio, textual, graphic, and the data and information contained therein, databases and the data contained therein) and its form (e.g., literary, journalistic, scientific, cartographic, computer programs, visual arts, photographic)—requires prior and explicit consent from Wirtualna Polska Media Spółka Akcyjna, headquartered in Warsaw, the owner of this website, regardless of the method of exploration and the technique used (manual or automated, including the use of machine learning or artificial intelligence programs). The above restriction does not apply solely to facilitate their search by internet search engines and uses within contractual relations or permitted use as specified by applicable law.Detailed information regarding this notice can be found  here.