Remote access giant TeamViewer says Russian spies hacked its corporate network

Date:

Share post:


TeamViewer, the company that makes widely used remote access tools for companies, has confirmed an ongoing cyberattack on its corporate network. 

In a statement Friday, the company attributed the compromise to government-backed hackers working for Russian intelligence, known as APT29 (and Midnight Blizzard).

The Germany-based company said its investigation so far points to an initial intrusion on June 26 “tied to credentials of a standard employee account within our corporate IT environment.” 

TeamViewer said that the cyberattack “was contained” to its corporate network and that the company keeps its internal network and customer systems separate. The company added that it has “no evidence that the threat actor gained access to our product environment or customer data.” 

Martina Dier, a spokesperson for TeamViewer, declined to answer a series of questions from TechCrunch, including whether the company has the technical ability, such as logs, to determine what, if any, data was accessed or exfiltrated from its network.

TeamViewer is one of the more popular providers of remote access tools, allowing its corporate customers — including shipping giant DHL and beverage maker Coca-Cola, per its website — to access other devices and computers from over the internet. The company says it has more than 600,000 paying customers and facilitates remote access to more than 2.5 billion devices around the world. 

TeamViewer is also known to be abused by malicious hackers for its ability to be used to remotely plant malware on a victim’s device. 

It’s not known how the TeamViewer employee’s credentials were compromised, and TeamViewer did not say.  

The U.S. government and security researchers have long attributed APT29 to hackers working for Russia’s foreign intelligence service, the SVR. APT29 is one of the more persistent, well-resourced government-backed hacking groups, and known for its use of simple but effective hacking techniques — including stealing passwords — to conduct long-running stealthy espionage campaigns that rely on stealing sensitive data. 

TeamViewer is the latest tech company targeted by Russia’s SVR of late. The same group of government hackers compromised Microsoft’s corporate network earlier this year to steal emails from top executives to learn what was known about the intruding hackers themselves. Microsoft said other tech companies were compromised during the ongoing Russian espionage campaign, and U.S. cybersecurity agency CISA confirmed federal government emails hosted on Microsoft’s cloud were also stolen.

Months later, Microsoft said it was struggling to eject the hackers from its systems, calling the campaign a “sustained, significant commitment” of the Russian government’s “resources, coordination, and focus.”

The U.S. government also blamed Russia’s APT29 for the 2019-2020 espionage campaign targeting U.S. software firm SolarWinds. The cyberattack saw the mass-hacking of U.S. federal government agencies by way of planting a hidden malicious backdoor in SolarWinds’ flagship software. When the tainted software update was pushed out to SolarWinds’ customers, the Russian hackers had access to every network running the compromised software, including the Treasury, Justice Department, and the Department of State.


Do you know more about the TeamViewer cyberattack? Get in touch. To contact this reporter, get in touch on Signal and WhatsApp at +1 646-755-8849, or by email. You also can send files and documents via SecureDrop.



Source link

Lisa Holden
Lisa Holden
Lisa Holden is a news writer for LinkDaddy News. She writes health, sport, tech, and more. Some of her favorite topics include the latest trends in fitness and wellness, the best ways to use technology to improve your life, and the latest developments in medical research.

Recent posts

Related articles

Threads adjusts its algorithm to show you more content from accounts you follow

After several complaints about its algorithm, Threads is finally making changes to surface more content from people...

Spotify tests a video feature for audiobooks as it ramps up video expansion

Spotify is enhancing the audiobook experience for premium users through three new experiments: video clips, author pages,...

Candela brings its P-12 electric ferry to Tahoe and adds another $14M to build more

Electric passenger boat startup Candela has topped off its most recent raise with another $14 million, the...

OneRail’s software helps solve the last-mile delivery problem

Last-mile delivery, the very last step of the delivery process, is a common pain point for companies....

Bill to ban social media use by under-16s arrives in Australia’s parliament

Legislation to ban social media for under 16s has been introduced in the Australian parliament. The country’s...

Lighthouse, an analytics provider for the hospitality sector, lights up with $370M at a $1B valuation

Here is yet one more sign of the travel industry’s noticeable boom: a major growth round for...

DOJ: Google must sell Chrome to end monopoly

The United States Department of Justice argued Wednesday that Google should divest its Chrome browser as part...

WhatsApp will finally let you unsubscribe from business marketing spam

WhatsApp Business has grown to over 200 million monthly users over the past few years. That means there...