Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Teamviewer Accounts Hacked


  • Please log in to reply
8 replies to this topic

#1 JohnC_21

JohnC_21

  • Members
  • 23,199 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:23 AM

Posted 01 June 2016 - 03:36 PM

TeamViewer is a remote desktop connection software that allows users to share screens and allow remote access from anywhere in the world. In the past 24 hours, many customers have claimed their computers were maliciously accessed by hackers. Hackers are accessing the computers late at night, out of standard USA working hours, and accessing bank accounts using saved browser passwords, or installing forms of ransomware. As of 12 p.m. Wednesday, the TeamViewer website remains offline, with their Twitter being the only form of comment so far from the company.

 

Article



BC AdBot (Login to Remove)

 


#2 TwinHeadedEagle

TwinHeadedEagle

  • Security Colleague
  • 351 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:07:23 AM

Posted 02 June 2016 - 04:24 AM

Yesterday I was using TeamViewer to remotely access customer's computer when it suddenly stopped working.

 

Reddit is full of complaints. 

 

https://www.reddit.com/r/teamviewer/

 

Check your TeamViewer logs for this file: webbrowserpassview.exe

 

You can find them on this location:

 

C:\Program Files (x86)\TeamViewer

 

sczvj8.png

 

If you find signs of it, change your passwords immediately.

 

https://www.virustotal.com/en/file/19c95954d7ccc83bcda8f73cd06381a691cbe7d06956e4d77c384b350fefa27a/analysis/

 

 

TeamViewer made an announcement about this several days ago:

 

https://www.teamviewer.com/en/company/press/statement-on-potential-teamviewer-hackers

 

 

If you haven't done it yet, now is the time to activate two factor authentication:

 

https://www.teamviewer.com/en/help/398-what-is-two-factor-authentication-for-your-teamviewer-account


Edited by TwinHeadedEagle, 02 June 2016 - 04:35 AM.


#3 JohnC_21

JohnC_21
  • Topic Starter

  • Members
  • 23,199 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:23 AM

Posted 02 June 2016 - 08:51 PM

Team Viewer Denies Hack

 

http://www.theregister.co.uk/2016/06/01/teamviewer_mass_breach_report/



#4 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,586 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:23 AM

Posted 04 June 2016 - 08:37 AM

Well I just received an email from TeamViewer asking me to change my password because they detected unusual activity on my account. They also blame the recent breaches/dumps as part of the problem.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#5 JohnC_21

JohnC_21
  • Topic Starter

  • Members
  • 23,199 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:23 AM

Posted 04 June 2016 - 09:19 AM

http://www.theregister.co.uk/2016/06/03/teamviewer_beefs_up_security/



#6 Winterland

Winterland

  • Members
  • 980 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Land of Enchantment
  • Local time:12:23 AM

Posted 07 June 2016 - 11:25 AM

I've got TeamViewer installed on my computer and my Mother-in-Law's computer but they are never running.

 

 

In fact, I haven't used them yet, should I still go ahead and change my password?

 

Winterland


Photobucket removed my cool flag - idiots!

 

Every calculation based on experience elsewhere fails in New Mexico.


#7 JohnnyJammer

JohnnyJammer

  • Members
  • 1,117 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:QLD Australia
  • Local time:04:23 PM

Posted 08 June 2016 - 05:38 PM

I've got TeamViewer installed on my computer and my Mother-in-Law's computer but they are never running.

 

 

In fact, I haven't used them yet, should I still go ahead and change my password?

 

Winterland

You should be ok mate as this is only for the people who have the service running non stop so they can access their PC /  Server any time which is a silly thing really.



#8 Winterland

Winterland

  • Members
  • 980 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Land of Enchantment
  • Local time:12:23 AM

Posted 09 June 2016 - 10:26 AM

You should be ok mate as this is only for the people who have the service running non stop so they can access their PC /  Server any time which is a silly thing really.

 

 

That's kind of what I was thinking.

 

The whole reporting of this seemed a little exaggerated at first so I thought I'd head on over to Bleeping and get the scoop on what was really happening.

 

Appreciate the information.

 

Winterland


Photobucket removed my cool flag - idiots!

 

Every calculation based on experience elsewhere fails in New Mexico.


#9 Ridernyc

Ridernyc

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:02:23 AM

Posted 11 June 2016 - 04:52 PM

I haven't read up on it a few days but I'm leaning on the side of these are people who are using weak and/or compromised passwords.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users