Tag: TeamViewer | SpinSafe

TeamViewer Exploited to Obtain Remote Access, Deploy Ransomware

January 23, 2024/in Internet Security

The cybersecurity researchers at Huntress have issued a warning about a recent surge in cyber attacks, highlighting a new strategy employed by cybercriminals who are exploiting TeamViewer to deploy LockBit ransomware.

TeamViewer has a history of being exploited in large-scale cyber attacks. Recently, once again, cybersecurity experts have observed a surprising surge in cybercriminals’ attempts to exploit TeamViewer, a trusted remote access tool, to deploy LockBit ransomware, potentially exposing users to data encryption and extortion demands.

Researchers claim attackers exploit vulnerabilities in TeamViewer to gain initial access to victim devices and then deploy the aggressive LockBit ransomware, which encrypts critical files and demands substantial ransom payments for decryption.

Although infections were either contained or averted, no ransomware operation has been officially associated with the intrusions. The payload resembled LockBit ransomware encryptors. It is worth noting that in 2022, the ransomware builder for LockBit 3.0 was leaked, allowing the Bl00dy and Buhti gangs to launch their campaigns.

For your information, TeamViewer is a popular remote access tool in the enterprise world. Unfortunately, it has been exploited by scammers and ransomware actors to access remote desktops and execute malicious files for years. In March 2016, numerous victims reported their devices being breached via TeamViewer and attempts made to encrypt files with the Surprise ransomware.

Back then, TeamViewer’s unauthorized access was attributed to credential stuffing, where attackers used users’ leaked credentials instead of exploiting a zero-day vulnerability.

The software vendor explained that online criminals often log on with compromised accounts to find corresponding accounts with the same credentials, potentially allowing them to access all assigned devices for malware or ransomware installation.

The latest analysis from Huntress SOC analysts reveals that cybercriminals continue to use old techniques, abusing TeamViewer to take over devices and deploy ransomware. In one of the instances, as observed by Huntress, a single threat actor used TeamViewer to…

Source…

Deutsche Welle uses TeamViewer to provide secure IT support

January 10, 2023/in Mobile Security

The Deutsche Welle, Germany’s international broadcaster, has announced using TeamViewer to support its information technology (IT) for its global network of correspondents.

With TeamViewer’s Enterprise Connectivity Suite Tensor deployed, Deutsche Welle’s IT team, located in Bonn and Berlin, can securely connect remotely to the laptops and smartphones of their employees. They operate in around 140 countries worldwide; when support requests are made, the IT team can resolve problems quickly and easily.

When opting for TeamViewer, the extensive security features of the Tensor solution played a vital role in Deutsche Welle’s decision. These include single sign-on, scalable and flexible rights management via conditional access, and end-to-end encryption. In addition, the solution can be seamlessly embedded into Deutsche Welle’s existing IT landscape with integrations into services such as Microsoft Intune and Teams.

“Laptops and smartphones are important work tools for our journalists that have to function reliably, especially in breaking news situations. However, should any problems occur, our IT team can now react quickly using TeamViewer Tensor and thus contribute to smooth reporting. Since our correspondents often process sensitive information, the stable and secure connection via TeamViewer is also particularly important to us,” says Thomas Rieger, IT requirements management and coordination, Deutsche Welle.

“We have tailored TeamViewer Tensor specifically to the requirements of large companies. The solution can be scaled as required and makes it possible to access devices of all kinds quickly, easily, and securely from anywhere and at any time to access them and provide assistance. In particular, globally positioned companies and organisations such as Deutsche Welle are using it to make their IT support significantly faster and more efficient,” adds Jan Junker, executive vice president of solution sales and delivery at TeamViewer.

TeamViewer is a technology company that provides a connectivity platform to remotely access, control, manage, monitor, and repair devices, from laptops and mobile phones to industrial machines and robots.

Although TeamViewer is free of…

Source…

Chinese cyberspies breached TeamViewer in 2016 – ZDNet

May 17, 2019/in Internet Security

Chinese cyberspies breached TeamViewer in 2016 ZDNet

TeamViewer said it detected and stopped the attack before hackers could do any damage.

“chinese hackers” – read more

TeamViewer denies hack, blames hijacked accounts on password reuse

June 5, 2016/in Computer Security

A plethora of people with the remote desktop tool TeamViewer have been in an uproar after their machines were remotely hijacked; in some cases over the past month or so, users had their bank or PayPal accounts sucked dry. TeamViewer denied it has been hacked and launched two new security measures.

After experiencing a TeamViewer takeover, IBM security researcher Nick Bradley thinks password reuse may be the problem. Bradley said he was gaming on his PC when he lost control of his mouse and TeamViewer popped up. He killed the app and dashed downstairs to another PC which had TeamViewer.

To read this article in full or to leave a comment, please click here

Network World Security

Tag Archive for: TeamViewer