Remote IT management provider TeamViewer says it has been hacked, allegedly by Russian state hackers from APT29

0x815@feddit.org to Technology@lemmy.world – 150 points – Statement | Trust Center | TeamViewer
teamviewer.com

Archived

Here is a thread on it: https://infosec.exchange/@jtig/112689665815283809

  • So far "there is no evidence to suggest that the product environment or customer data is affected," the company says on its website.
  • TeamViewer's internal IT environment is completely independent from its product environment, the firm adds.

[Edit typo.]

13

Any professional still using team viewer deserves this. I just feel sorry for all the novices that get caught up in this.

My professor made me install TeamViewer to our lab computers despite strong pushback from me, and perfectly functioning ssh access through the campus VPN. I can't wait to send this to him.

That could have been me a few years ago. I was still using teamviewer up until 2020 to connect to my desktop from my laptop. It's so handy.

Fortunately it was when I started learning about open-source solutions

Fuck Russia and their welcoming of hackers, constantly hacking and ransoming shit.

Over and over, fucking scum: https://www.bloomberg.com/news/articles/2024-06-28/cdk-hackers-have-ties-to-notorious-russia-based-cyber-gang?srnd=technology-vp

from companies to city infrastructure to fucking hospitals: https://www.beckershospitalreview.com/cybersecurity/us-hospitals-paid-100m-to-russian-ransomware-hackers.html

https://www.bbc.com/news/technology-60378009

74% of ransomware revenue goes to Russia-linked hackers

https://home.treasury.gov/news/press-releases/jy2114

Russia continues to offer safe harbor for cybercriminals where groups such as LockBit are free to launch ransomware attacks against the United States, its allies, and partners. These ransomware attacks have targeted critical infrastructure, including hospitals, schools, and financial institutions.

Since they classed my personal account as professional I hope Team Viewer never recovers.

Gee, it's lucky they didn't start requiring an account for personal use....... Oh, wait.

RDP for Windows comes built in. VNC has a really fast install on Linux. There's no reason not to use them and loan your remote sessions to a third party company.

RDP does not fill the same role as Teamviewer at all. The M$ alternatives would be Quick Assist or the older MSRA.

Because TeamViewer will set up a port forwarding and a NAT traversal for you.

VNC and RDP only work when your host has a public IP, or you know how to set up a proxy.

And you should not ever expose RDP or VNC to the Internet, every, for any reason, for any length of time, whatsoever.

RDP is for pro version only, and plenty of people get home version by default. There are better options, but I want to clarify that.

RustDesk is the closest alternative, and I think it does a pretty good job.