BRUSSELS (dpa-AFX) - AnyDesk Software, a Germany-based developer of popular remote access software, recently notified customers about a significant security breach.
Despite the breach, AnyDesk reassures customers of the software's safety, advising them to change their password and update to the latest version containing the new code signing certificate. The incident's nature hints at a potential supply chain attack, posing serious risks as threat actors could distribute malicious software to the victim's customers.
The software, used by millions of IT professionals to connect remotely to clients' devices for technical assistance, raised concerns last Monday by announcing a change in its code-signing certificates. After experiencing a days-long outage, AnyDesk confirmed on Friday that it had discovered evidence of compromised production systems.
The company took immediate action, revoking all security-related certificates, replacing or remediating systems as needed, and invalidating all passwords to the customer web portal.
While details about the attack remain scarce, AnyDesk has since enlisted the help of cybersecurity firm CrowdStrike to investigate and address the incident, while also notifying the relevant authorities.
Following the breach, cybersecurity firm Resecurity reported that an individual was attempting to sell the credentials of over 18,000 AnyDesk customers on a cybercrime forum for $15,000 in cryptocurrency. These credentials were likely obtained through information-stealer malware compromising AnyDesk users' systems.
Resecurity also said that while the sale of credentials may not be directly linked to the breach, cybercriminals are likely rushing to capitalize on them before users change their login details as recommended by the vendor in response to the breach.
Copyright(c) 2024 RTTNews.com. All Rights Reserved
Copyright RTT News/dpa-AFX
© 2024 AFX News
