TeamViewer, an organization that makes extensively used distant entry instruments for firms, has confirmed an ongoing cyberattack on its company community.
IN assertion on FridayThe corporate attributed the breach to government-backed hackers working for Russian intelligence referred to as APT29 (and Midnight Blizzard).
The German firm mentioned its investigation to this point factors to an preliminary intrusion on June 26 “associated to the credentials of a typical worker account in our company IT atmosphere.”
TeamViewer mentioned the cyberattack was “contained” inside its company community and that the corporate separates its inner community and buyer programs. The corporate added that it has “no proof that the attacker gained entry to our product atmosphere or buyer knowledge.”
Martina Dyer, a TeamViewer spokesperson, declined to reply a variety of questions from TechCrunch, together with whether or not the corporate has the technical means, similar to via logs, to find out what knowledge was accessed or extracted from its community.
TeamViewer is among the hottest suppliers of distant entry instruments, permitting its company purchasers, together with transport large DHL and beverage maker Coca-Cola, on his web site — to entry different gadgets and computer systems by way of the Web. The Firm says it has greater than 600,000 paying prospects and supplies distant entry to greater than 2.5 billion gadgets worldwide.
TeamViewer additionally It’s recognized to be abused by hackers for the opportunity of utilizing it to remotely set up malware on the sufferer’s gadget.
It isn’t recognized how the TeamViewer worker’s credentials had been compromised, and TeamViewer has not disclosed.
The U.S. authorities and safety researchers have lengthy attributed APT29 to hackers working for Russia’s SVR overseas intelligence service. APT29 is among the most persistent and well-resourced government-backed hacking teams, recognized for utilizing easy however efficient hacking methods, together with password theft, to conduct long-term, covert espionage campaigns based mostly on the theft of delicate knowledge.
TeamViewer is the newest tech firm to come back below the radar of Russia’s SVR. The identical group of presidency hackers compromised Microsoft’s company community earlier this 12 months to steal emails from high executives to seek out out what is understood in regards to the intruding hackers themselves. Microsoft mentioned different tech firms have been compromised within the ongoing Russian espionage marketing campaign, and the US cybersecurity company CISA has confirmed federal authorities e mail hosted on the Microsoft cloud had been additionally stolen.
Months later, Microsoft says it is struggling to purge hackers from its programscalling the marketing campaign an “ongoing, vital dedication” of the Russian authorities’s “assets, coordination and a spotlight.”
The US authorities additionally accused the Russian APT29 for the 2019–2020 espionage marketing campaign towards US software program firm SolarWinds. A cyberattack led to an enormous breach of U.S. federal authorities businesses by introducing a hidden malicious backdoor into SolarWinds’ flagship software program. When the contaminated software program replace was despatched to SolarWinds prospects, Russian hackers had entry to all networks the place the hacked software program was workingtogether with the Treasury, Justice Division, and State Division.
Have you learnt extra in regards to the TeamViewer cyberattack? Contact us. To contact this reporter, please contact Sign and WhatsApp at +1 646-755-8849 or by e mail. You too can ship recordsdata and paperwork by way of SecureDrop.