TeamViewer, the corporate that makes extensively used faraway get entry to gear for corporations, has showed an ongoing cyberattack on its company community.
In a statement Friday, the corporate attributed the compromise to government-backed hackers running for Russian intelligence, referred to as APT29 (and Nighttime Snow fall).
The Germany-based corporate stated its investigation to this point issues to an preliminary intrusion on June 26 “tied to credentials of a regular worker account inside of our company IT surroundings.”
TeamViewer stated that the cyberattack “used to be contained” to its company community and that the corporate helps to keep its interior community and buyer techniques separate. The corporate added that it has “no proof that the danger actor won get entry to to our product surroundings or buyer knowledge.”
Martina Dier, a spokesperson for TeamViewer, declined to reply to a chain of questions from techmim, together with whether or not the corporate has the technical skill, reminiscent of logs, to decide what, if any, knowledge used to be accessed or exfiltrated from its community.
TeamViewer is among the extra well-liked suppliers of faraway get entry to gear, permitting its company consumers — together with delivery massive DHL and beverage maker Coca-Cola, per its website — to get entry to different units and computer systems from over the web. The corporate says it has more than 600,000 paying customers and facilitates faraway get entry to to greater than 2.5 billion units world wide.
TeamViewer could also be known to be abused by malicious hackers for its skill for use to remotely plant malware on a sufferer’s tool.
It’s no longer recognized how the TeamViewer worker’s credentials had been compromised, and TeamViewer didn’t say.
The U.S. authorities and safety researchers have lengthy attributed APT29 to hackers running for Russia’s international intelligence carrier, the SVR. APT29 is among the extra power, well-resourced government-backed hacking teams, and recognized for its use of easy however efficient hacking ways — together with stealing passwords — to habits long-running stealthy espionage campaigns that depend on stealing delicate knowledge.
TeamViewer is the newest tech corporate focused via Russia’s SVR of past due. The similar team of presidency hackers compromised Microsoft’s company community previous this 12 months to steal emails from top executives to learn what was known about the intruding hackers themselves. Microsoft stated other tech companies were compromised all the way through the continued Russian espionage marketing campaign, and U.S. cybersecurity company CISA showed federal government emails hosted on Microsoft’s cloud had been additionally stolen.
Months later, Microsoft said it was struggling to eject the hackers from its systems, calling the marketing campaign a “sustained, vital dedication” of the Russian authorities’s “sources, coordination, and focal point.”
The U.S. authorities additionally blamed Russia’s APT29 for the 2019-2020 espionage campaign targeting U.S. software firm SolarWinds. The cyberattack noticed the mass-hacking of U.S. federal authorities businesses by the use of planting a hidden malicious backdoor in SolarWinds’ flagship device. When the contaminated device replace used to be driven out to SolarWinds’ consumers, the Russian hackers had access to every network running the compromised software, together with the Treasury, Justice Division, and the Division of State.
Have you learnt extra concerning the TeamViewer cyberattack? Get in contact. To touch this reporter, get in contact on Sign and WhatsApp at +1 646-755-8849, or by email. You can also ship recordsdata and paperwork by the use of SecureDrop.
apt29,cyberattack,cybersecurity,Nighttime Snow fall,faraway get entry to,russia,teamviewer
Source link
