Russian hackers are responsible for the attack on TeamViewer

  • July 1, 2024

After an investigation, the TeamViewer hack appears to be the responsibility of APT29: the Russian organization that is also behind the SolarWinds hack. Fortunately, the damage is now limited.

TeamViewer has shared more details about the hack it discovered last week. It seems that the company had a narrow escape. According to research by TeamViewer together with external security specialists, APT29 is responsible. This is a criminal organization controlled by the Russian Kremlin.

APT29, also known as Midnight Blizzard or Cozy Bear, became notorious for hacking SolarWinds’ Orion IT management software. Using this tool, the hackers gained access to the IT environments of around 18,000 companies.

640,000 potential victims

APT29 probably had a very similar goal with TeamViewer. The company’s software enables remote access to computers. Around 640,000 customers use TeamViewer’s remote desktop solution.

Fortunately, TeamViewer detected the hack in time. The company made this clear in a response with accompanying updates. TeamViewer and the external security specialist have now traced the hack back to an employee’s account for which APT29 had obtained credentials. On June 26, TeamViewer’s security system immediately detected suspicious activity.

Recommended approach

In this way, the impact of the breach was likely limited. In any case, TeamViewer confirms that the attackers did not gain access to the production environment. “We have implemented a strict separation of our corporate IT network, the production environment and the TeamViewer platform according to best practices,” said TeamViewer. “This means that we strictly separate all servers, networks and accounts to prevent unauthorized lateral movement between the different environments.”

However, the APT29 hackers did not leave the TeamViewer environment empty-handed. They were able to collect data about employees, such as names and encrypted passwords. The affected employees were notified and TeamViewer has taken measures to prevent misuse of this data. The company has now started to restore the IT environment to a trustworthy state.

Source: IT Daily
