AnyDesk, the renowned Germany-based remote access software developer, has recently informed its users about a significant security breach. The breach, which was discovered following a security audit prompted by suspicious activity, has raised concerns about the safety and integrity of popular remote desktop applications.
Details of the Breach:
The security audit revealed that AnyDesk's production systems were compromised. The company quickly took measures by revoking all security-related certificates and initiating remediation processes. In a precautionary move, AnyDesk also revoked all passwords to their web portal and advised users to change their passwords, especially if they are used elsewhere.
No Ransomware Involvement:
AnyDesk clarified that the breach was not related to ransomware. This is crucial as ransomware attacks often lead to data encryption and demand for ransom, causing more severe disruptions.
Response and Remediation:
To investigate and address the incident, AnyDesk enlisted the help of cybersecurity firm CrowdStrike and notified the authorities. The company is confident about the security of their software, urging customers to update to the latest version which includes a new code signing certificate.
The Threat of Supply Chain Attacks:
The incident suggests the possibility of a supply chain attack, where attackers target software vendors to compromise their products and affect the customers indirectly. Such attacks can have far-reaching consequences, allowing threat actors to distribute trojanized software widely.
User Impact and Safety Measures:
AnyDesk is widely used, with over 800 million downloads globally. The company has over 170,000 customers, including major corporations like Comcast, LG, Samsung, and Thales. While AnyDesk claims there's no evidence of end-user systems being affected, the breach's nature raises questions about the security of remote access tools.
Cybercriminal Activity Post-Breach:
Following the breach, there have been reports of an individual selling credentials of over 18,000 AnyDesk customers for $15,000 in cryptocurrency on a cybercrime forum. These credentials were allegedly obtained through malware-infected systems of AnyDesk users. This development highlights the urgency for users to heed AnyDesk's advice and change their passwords.
Industry and User Reactions:
The breach has led to criticisms of AnyDesk's initial response, which was deemed inadequate by some security experts. However, the company assures that the situation is under control and that the software is safe to use, provided users have the updated version.
This incident underlines the critical importance of cybersecurity in the era of remote access and cloud computing. For businesses and individuals relying on such tools, it serves as a stark reminder to stay vigilant, regularly update software, and follow best practices in digital security. As the investigation continues, users and industry watchers will be keenly observing AnyDesk's steps to bolster its defenses and restore trust among its vast user base.
Reference: https://anydesk.com/en/public-statement
For any enquiries, give us a call at 6262 0402 or email us at care@acebizservices.com
