Supply Chain: AnyDesk Customers Affected By Credentials Breach

Uploaded on 2024-02-07 in TECHNOLOGY--Hackers, FREE TO VIEW

Remote desktop software maker AnyDesk has disclosed that it suffered a cyber attack first detected on on Friday 2nd February that has caused problems with its production systems. 

As a consequence, AnyDesk is revoking certificates and passwords which may affect as many as 170k customers, including  major business es like Amedes, AutoForm Engineering, LG Electronics, Samsung Electronics, Spidercam, and Thales.

The German based company said the incident, which it discovered following a security audit, is not a ransomware attack and that it has notified relevant authorities. "We have revoked all security-related certificates and systems have been remediated or replaced where necessary," the company said in a statement. 

The  AnyDesk credentials seem to have been obtained with the aid of information-stealer malware that had compromised AnyDesk users’ systems.  "We will be revoking the previous code signing certificate for our binaries shortly and have already started replacing it with a new one." the company said.

AnyDesk did not disclose when and how its production systems were breached. It's currently not known if any information was stolen following the hack. However, it emphasised there is no evidence that any end-user systems have been affected.

Meanwhile, researchers at endpoint protection specialist Resecurity have found two threat actors, one of whom goes by the online alias "Jobaaaaa," advertising a "significant number of AnyDesk customer credentials for sale at Exploit[.]in," noting it could be used for "technical support scams and mailing (phishing)." The threat actor has been found offering 18,317 accounts for $15,000 in crypto currency, in addition to agreeing to a deal via escrow on the cyber crime forum. There is no evidence that  sale of credentials is related to the AnyDesk breach,

While exactly how these credentials were obtained, cyber criminals will be moving fast to exploit the exposed login details before passwords are reset.

These events follow only a a day after leading Internet security firm Cloudflare said that it was hacked by a suspected nation-state attacker using stolen credentials to gain unauthorised access to its Atlassian server and ultimately access documentation and a limited amount of source code

AnyDesk:      AnyDesk:      @anydesk:      Resecurity:    Born City:    Cloudflare:      Security Week:   

Hacker News:    TechTarget:     YCombninator:  

You Might Also Read:      

 BEC Attacks: Trends & Predictions For 2024:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Elections 2024 - Fake News & Misinformation  
Healthcare Has Issues With Outsourced Cyber Security »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Protective Intelligence

Protective Intelligence

Protective Intelligence brings together a group of information security specialists with a passion for delivering high-quality solutions.

44CON

44CON

44CON is an Information Security Conference & Training event taking place in London. Designed to provide something for the business and technical Information Security professional.

Identiv

Identiv

Identiv is a global security technology company that establishes trust in the connected world, including premises, information and everyday items.

RSA Conference

RSA Conference

RSA Conference conducts information security events around the globe that connect you to industry leaders and highly relevant information.

Coalfire

Coalfire

Coalfire specialises in cyber risk management and compliance. Our services span the cybersecurity lifecycle from advisory and compliance, to testing and engineering, monitoring and optimization.

Safetica

Safetica

Safetica Technologies is a Czech software company that delivers data protection solutions for businesses of all types and sizes.

Advens

Advens

Advens is a company specializing in information security management. We provide Consultancy, Security Audits and Technology Solutions.

ALTR

ALTR

ALTR provide software-embedded solutions for data security and privacy.

Citalid

Citalid

The Citalid cyber risk management platform combines threat and business intelligence to identify the risks scenarios you face.

Avertro

Avertro

Avertro helps leaders manage the business of cyber. We help explain cybersecurity to executives, forecasting outcomes, right-sizing your spend, and validating your cyber strategy.

Digital Silence

Digital Silence

Digital Silence is a world-class provider of information security research and consulting services.

Protectt.ai Labs

Protectt.ai Labs

Protectt.ai Labs is India’s first mobile security start up building awareness & providing solutions for mobile app, device & transaction security.

Telesystem

Telesystem

Telesystem empowers businesses across the USA with a range of innovative network, communication and collaboration solutions.

ASMGi

ASMGi

ASMGi is a managed services, security and GRC solutions, and software development provider.

KnoTra Global

KnoTra Global

KnoTra Global is a next-generation Managed Service provider with a portfolio of services including Cybersecurity Solutions, Network Management, IT Leadership, and Day-to-Day Helpdesk and IT services.

Chaos Computer Club (CCC)

Chaos Computer Club (CCC)

The Chaos Computer Club is Europe's largest association of hackers.