Users of TeamViewer, the remote control and online collaboration software, have been reporting that their accounts are being hacked and that attackers are ransacking their computer accounts. Some even reported that the cash in their PayPal and bank accounts was drained.
Security experts were among the affected victims as well. Nick Bradley, an IBM security researcher, gave an account of how he almost got hacked:
“In the middle of my gaming session, I lose control of my mouse, and the TeamViewer window pops up in the bottom right corner of my screen. As soon as I realize what is happening, I kill the application. Then it dawns on me: I have other machines running TeamViewer!
I run downstairs where another computer is still up and running. Lo and behold, the TeamViewer window shows up. Before I am able to kill it, the attacker opens a browser window and attempts to go to a new webpage. As soon as I reach the machine, I revoke control and close the app. I immediately go to the TeamViewer website and change my password while also enabling two-factor authentication.”
TeamViewer maintains that the widespread hack on its network is the result of end users’ careless password practices. The company attributed the attackers’ access to users’ passwords to the recent batch of 624 million passwords that were made public online last month.
In a press release, TeamViewer wrote: “As you have probably heard, there have been unprecedented large-scale data thefts on popular social media platforms and other web service providers. Unfortunately, credentials stolen in these external breaches have been used to access TeamViewer accounts, as well as other services.
They have taken advantage of common use of the same account information across multiple services to cause damage.”
TeamViewer has since introduced new measures to prevent such a widespread hack on its network: it has launched the Trusted Devices and Data Integrity services.
The Trusted Devices service will ensure that a new device must be explicitly authorized by the account holder before it accesses an existing TeamViewer account for the first time. That will be done through an in-app notification that will ask the user to approve the device by clicking on a link sent to their email address.
The Data Integrity service will continuously monitor the activity of every TeamViewer account. It will determine “continuously if your TeamViewer account shows unusual behavior (e.g. access from a new location) that might suggest it has been compromised. To safeguard your data integrity, your TeamViewer account will be marked for an enforced password reset.”
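The two safeguards described above can be sketched as login-decision logic in which a correct (possibly reused and leaked) password is not enough on its own. This is an added illustration, not TeamViewer's code: the Account model, the function names, the status strings and the OUTBOX stand-in for email delivery are all assumptions.

```python
import secrets
from dataclasses import dataclass, field

OUTBOX = []  # assumed stand-in for email delivery: (address, approval token)

@dataclass
class Account:
    email: str
    trusted_devices: set = field(default_factory=set)
    known_locations: set = field(default_factory=set)
    pending: dict = field(default_factory=dict)  # approval token -> device id
    reset_required: bool = False

def attempt_login(acct, device_id, location, password_ok):
    """Decide a login attempt; returns a status string."""
    if not password_ok:
        return "denied"
    if acct.reset_required:
        return "reset_required"
    # Data Integrity idea: unusual behaviour (here, a new location)
    # marks the account for an enforced password reset.
    if location not in acct.known_locations:
        acct.reset_required = True
        return "reset_required"
    # Trusted Devices idea: a first-time device must be approved by the
    # account holder through a link sent to their email address.
    if device_id not in acct.trusted_devices:
        token = secrets.token_urlsafe(32)
        acct.pending[token] = device_id
        OUTBOX.append((acct.email, token))
        return "pending_device_approval"
    return "granted"

def approve_device(acct, token):
    """Handle a click on the mailed link; each token works once."""
    device_id = acct.pending.pop(token, None)
    if device_id is None:
        return False
    acct.trusted_devices.add(device_id)
    return True

def complete_password_reset(acct):
    """Clear the reset flag and drop approvals requested before the reset."""
    acct.reset_required = False
    acct.pending.clear()

if __name__ == "__main__":
    # Constructed sample account and events.
    acct = Account("user@example.test", {"laptop-1"}, {"DE"})
    print(attempt_login(acct, "laptop-1", "DE", True))
    print(attempt_login(acct, "unknown-pc", "ZZ", True))
```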