FireEye: “APT41 compromised company behind TeamViewer – which enabled them to access *any* system with TeamViewer installed”

The well-known remote control software TeamViewer was hacked many years ago, and some users' computers were taken over by hackers who installed backdoors to steal data, according to top5hosting. Even now, the company does not admit that its server was attacked. On the contrary, the developers said that users were attacked mainly through leaked remote IDs and passwords. Shockingly, however, a security company has once again revealed that TeamViewer was hacked, and that the attacker could control any computer logged in to the software and operate it arbitrarily.

“APT41 is unique among tracked China-based actors in that it leverages non-public malware typically reserved for espionage operations in what appears to be activity that falls outside the scope of state-sponsored missions.
Based on early observed activity, consistent behavior, and APT41’s unusual focus on the video game industry, we believe the group’s cyber crime activities are most likely motivated by personal financial gain or hobbyist interests.”

Recently, Christopher Glyer, Chief Security Architect at the leading security company FireEye, wrote on Twitter that TeamViewer was hacked and that users' account passwords were leaked. The hacker group is known as APT41, and FireEye said on Twitter that the hackers could access any computer that has TeamViewer installed. Judging from the pictures released by FireEye's Chief Security Architect, this appears to be a presentation given at the security conference held by FireEye, and FireEye did not disclose specific details. However, the company is a well-known security research group in the industry, so the credibility of the published news is 100%, but the time of the attack is uncertain for now.

https://twitter.com/cglyer/status/1182413194360508419

The picture of the display shows about 2017-2018, with the number marked in black. It is reasonable to say that this number refers to the time period when the attack occurred. The report reveals that TeamViewer was hacked in 2016, when a large number of users were attacked and had financial information stolen in just 24 hours.