Breach Notification , Cybercrime , Fraud Management & Cybercrime

AnyDesk Confirms Systems Hacked, Triggers Password Reset

Company Says Problem Remediated, All Security-Related Certificates Revoked
AnyDesk Confirms Systems Hacked, Triggers Password Reset
Image: Shutterstock

Remote desktop application provider AnyDesk acknowledged that hackers recently had gained unauthorized access to the company's production systems in a cyberattack.

See Also: Gartner Guide for Digital Forensics and Incident Response

The company in a statement Friday said it had worked with cybersecurity experts from CrowdStrike to remediate the incident and notify authorities.

AnyDesk said the incident did not involve ransomware. "We have revoked all security-related certificates and systems have been remediated or replaced where necessary. We will be revoking the previous code signing certificate for our binaries shortly and have already started replacing it with a new one," the company said.

BleepingComputer reported that source code and private code signing keys had been stolen during the cyber incident. But AnyDesk said that its systems are designed not to store private keys, security tokens or passwords that could be exploited to connect to end-user devices.

As a precaution, AnyDesk is revoking all passwords to its web portal, my.anydesk.com, and advising users to change their password anywhere else they may have reused it, according to the statement.

The Stuttgart, Germany-based company provides remote desktop software that enables users to access and control a computer or device from another location. It is commonly used for remote assistance, collaboration and accessing files or applications on a different machine.

Cybercriminals often target remote desktop applications to take over computers and potentially empty bank accounts, steal data or perform other malicious tasks remotely.

"To date, we have no evidence that any end-user devices have been affected. We can confirm that the situation is under control and it is safe to use AnyDesk. Please ensure that you are using the latest version, with the new code signing certificate," the company said.

AnyDesk boasts a diverse customer base of 170,000 organizations, including 7-Eleven, Comcast, LG Electronics, Samsung Electronics, Spidercam, MIT, Nvidia, Siemens, the United Nations and Thales.

Last week, Günter Born, who writes the blog BornCity, sent an alert to all IT admins who use the remote maintenance software for remote support, warning that the service had been undergoing maintenance since Jan. 30, 2024.

This news came a day after internet infrastructure provider Cloudflare had said that a nation-state hacker used an access token and three service account credentials stolen from Okta in September to access a self-hosted Atlassian server used by Cloudflare.

The company said it had "failed to rotate" the credentials after Okta disclosed the attack in October.


About the Author

Prajeet Nair

Prajeet Nair

Assistant Editor, Global News Desk, ISMG

Nair previously worked at TechCircle, IDG, Times Group and other publications, where he reported on developments in enterprise technology, digital transformation and other issues.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.