HomeMalware & ThreatsAnyDesk confirms cyber incident and issues password reset

AnyDesk confirms cyber incident and issues password reset

Published on

spot_img

AnyDesk, a remote desktop application provider, recently confirmed that hackers gained unauthorized access to the company’s production systems in a recent cyberattack. The company has stated that the problem has been remediated, and all security-related certificates have been revoked.

In a public statement, AnyDesk acknowledged that the cybersecurity incident occurred and that they have been working with experts from CrowdStrike to address the issue and inform the relevant authorities. They also clarified that the incident did not involve any ransomware. Additionally, the company assured that all security-related certificates have been revoked, and necessary systems have been remediated or replaced.

While BleepingComputer reported that source code and private code signing keys were stolen during the breach, AnyDesk has emphasized that its systems are designed not to store private keys, security tokens, or passwords that could be exploited to connect to end-user devices. As a precaution, the company has revoked all passwords to its web portal, my.anydesk.com, and is advising users to change their passwords, especially if the same credentials are used on other platforms.

Based in Stuttgart, Germany, AnyDesk provides remote desktop software, allowing users to access and control computers or devices from a different location. Despite the cyber incident, AnyDesk stated that there is no evidence of any end-user devices being affected. The company has assured that the situation is under control, and users can continue using AnyDesk safely by ensuring that they are using the latest version with the new code signing certificate.

With a customer base of 170,000 organizations, including well-known names like 7-Eleven, Comcast, LG Electronics, and the United Nations, AnyDesk has a significant user footprint. However, following the cyber incident, IT admins received an alert warning of service disruptions as the platform underwent maintenance since January 30, 2024.

The breach at AnyDesk serves as a reminder of the constant threat of cyberattacks, especially on remote desktop applications, which are frequently targeted by cybercriminals, aiming to exploit the access and control they provide over computers and devices.

The news of AnyDesk’s cybersecurity incident comes shortly after internet infrastructure provider Cloudflare disclosed that a nation-state hacker had utilized stolen access tokens and service account credentials from Okta to access a self-hosted Atlassian server used by the company. Cloudflare admitted that it had failed to rotate the credentials after Okta revealed the attack in October.

In conclusion, the breach at AnyDesk has prompted the company to take swift action in remediating the incident and revoking security-related certificates. The cybersecurity incident underscores the ongoing threat posed by cybercriminals and the importance of robust security measures to protect against unauthorized access and data breaches.

Source link

Latest articles

First fully agentic ransomware attack raises readiness concerns

Emerging Threat: The Role of AI in Cyberattacks In a landscape increasingly fraught with cyber...

White House Quantum Summit Unites Industry on Transition and Innovation

The recent quantum computing summit held at the White House marks a significant step...

Huntress Signs Giacom to Expand UK MSP Access to Managed Detection and Response

Huntress Expands Its Footprint Through Partnership with Giacom Huntress, a recognized leader in cybersecurity, has...

New Malicious Campaign Distributes Vidar Stealer and Monero Crypto Miner

In a concerning development within the realm of cyber threats, a new campaign has...

More like this

First fully agentic ransomware attack raises readiness concerns

Emerging Threat: The Role of AI in Cyberattacks In a landscape increasingly fraught with cyber...

White House Quantum Summit Unites Industry on Transition and Innovation

The recent quantum computing summit held at the White House marks a significant step...

Huntress Signs Giacom to Expand UK MSP Access to Managed Detection and Response

Huntress Expands Its Footprint Through Partnership with Giacom Huntress, a recognized leader in cybersecurity, has...