Popular Remote Desktop software requires password reset


Remote desktop software maker AnyDesk announced Friday that it suffered a cyberattack that led to the compromise of its production systems.

The German company said the incident, which it discovered after a security audit, is not a ransomware attack and that it has notified the relevant authorities.

“We have revoked all security-related certificates and systems have been repaired or replaced where necessary,” the company said said in a statement. “We will soon revoke the previous code signing certificate for our binaries and have already started replacing it with a new one.”

As a precaution, AnyDesk has also revoked all passwords for its web portal, my.anydesk[.]com, and it urges users to change their passwords if the same passwords have been reused on other online services.

It also recommends users to download the latest version of the software, which comes with a new version code signing certificate.

AnyDesk did not disclose when or how its production systems were breached. It is currently unknown whether any information was stolen after the hack. However, it stressed that there is no evidence that end-user systems have been affected.

Earlier this week, Günter Born from BornCity was born revealed that maintenance had been carried out on AnyDesk on January 29. The problem was addressed on February 1. Earlier, on January 24, the company also warned users of “intermittent timeouts” and “service degradation” via its customer portal.

AnyDesk has more than 170,000 customers, including Amedes, AutoForm Engineering, LG Electronics, Samsung Electronics, Spidercam and Thales.

The disclosure comes a day after Cloudflare said it was breached by a suspected nation-state attacker who used stolen credentials to gain unauthorized access to the Atlassian server and ultimately gain access to certain documentation and a limited amount of source code.

#Popular #Remote #Desktop #software #requires #password #reset

Notify of
Inline Feedbacks
View all comments
Previous Post
Mastodon Vulnerability

The Mastodon vulnerability allows hackers to hijack any decentralized account

Next Post
Russian APT28 Hackers

Russian APT28 hackers target high-value organizations with NTLM relay attacks

Related Posts