Recently confirmed by AnyDesk, a cyberattack on their production systems resulted in unauthorized access by hackers, who also stole source code and code signing certificates. The breach, detected after indications of an incident on their servers, prompted AnyDesk to initiate a security audit and engage cybersecurity firm CrowdStrike for assistance. The attack, affecting a company with 170,000 customers, including major entities like 7-Eleven, Comcast, Samsung, MIT, NVIDIA, SIEMENS, and the United Nations, led to the compromise of AnyDesk’s systems. Despite the company’s assurance that the situation is under control, they did not disclose if any data was pilfered during the breach.
Although ransomware was ruled out, the focus of AnyDesk’s advisory was on their response strategy. They promptly revoked security-related certificates, replaced compromised systems, and emphasized the safety of using AnyDesk without evidence of end-user devices being impacted.
While AnyDesk claimed no authentication tokens were stolen, they opted to revoke all passwords to their web portal, urging users to update passwords, especially if shared across other sites. AnyDesk emphasized the inherent security of its design, asserting that session authentication tokens, integral to the end user’s device, cannot be stolen.
Amid ongoing maintenance affecting the AnyDesk client, lasting four days starting January 29th, access was restored without explanation for the disruption. AnyDesk later confirmed to Bleeping Computer that this maintenance was linked to the cybersecurity incident.
The company swiftly addressed the breach by replacing stolen code signing certificates, evident in the release of version 8.0.8 on January 29th. Despite not disclosing the breach’s exact timing, it coincided with a reported four-day outage.
Considering the incident, users are strongly advised to transition to the new software version, as the old code signing certificate is slated for revocation. Additionally, while AnyDesk asserts passwords were untouched, a precautionary password change is recommended, especially for users employing the same password across multiple platforms.
Amidst the rising frequency of cybersecurity incidents affecting renowned companies, the AnyDesk breach underscores the imperative for enhanced digital defenses across industries.
Disclaimer
NextNews strives for accurate tech news, but use it with caution - content changes often, external links may be iffy, and technical glitches happen. See full disclaimer for details.