WARNING: TeamViewer may have been hacked or they are reusing passwords

1d7ca7b6-6269-4040-89b1-cd9d7588191a

Urgent post from reddit /u/Executioner1337.

This issue is not getting enough attention, please spread it.

Users are reporting breaches, and thousands of dollars have been stolen with the client, all over /r/teamviewer and at their support Twitter account. TV is blaming users with reusing passwords, yet users with 2FA and unique very long generated passwords were hacked.

Some also suggest that their DNS servers were hijacked and the clients believed the fake server, being the method of the attack.

One of the main problems are that they are not taking responsibility: (quoted from /u/rich-uk)

Teamviewer is being used as a vector of attack. This has happened on other sites where they had no critical information and within 48 hours everyone’s logged in sessions were logged out, an email went round saying you had to click the link in the email (to verify ownership) and set up two factor auth as they knew they were being targeted. Teamviewer must know they are being targeted, and the stakes are high as the software allows complete access to a trusted machine – it’s basically a master key – and there hasn’t been a single response with teeth from teamviewer.

A few links:
Their official statement blaming user’s passwordsarchive.is snapshot
Their support Twitter account with user interactions[Mirror of some][canned replies][in case they take them down], archive.is snapshot of some
TV threatening writers to change articlesThe /r/teamviewer megathread
The Register article on the issue – They are getting canned replies too.
Inquisitr article on the issue

This may or may not be that TeamViewer is actually hacked, the more likely scenario is that they are re-using password combonations from other sites, however on ANY AND ALL screen-sharing websites, you should NEVER reuse username and password combos from other sites, not matter how secure you think they may be.

EDIT from Reddit /u/savage24x:

That’s how I got hacked. 5/25/2016 and 5/28/2016, they logged into one of my computers at 3:24AM both days and used my PayPal, Microsoft account, eBay account, to buy tons of codes for different online stores. I just checked my browser history on that computer and sure enough, all those sites were visited. My bank took care of everything, so did PayPal and Microsoft. It was fucking teamviewer. I enabled TFA for the time being and turned off all computers connected to teamviewer.

EDIT from TeamViewer:

Göppingen/Germany, June 1, 2016. TeamViewer experienced a service outage on Wednesday, June 1, 2016. The outage was caused by a denial-of-service attack (DoS) aimed at the TeamViewer DNS-Server infrastructure. TeamViewer immediately responded to fix the issue to bring all services back up.

Some online media outlets falsely linked the incident with past claims by users that their accounts have been hacked and theories about would-be security breaches at TeamViewer. We have no evidence that these issues are related.

The truth of the matter is:

  1. TeamViewer experienced network issues because of the DoS-attack to DNS servers and fixed them.
  2. There is no security breach at TeamViewer.
  3. Regardless of the incident, TeamViewer continuously works to ensure the highest possible level of data and user protection.

Even though the server outage is not in any way related to the below mentioned advice, TeamViewer would like to reaffirm:

Careless use of account credentials remains to be a key problem for all internet services. This particularly includes the use of the same password across multiple user accounts with various internet services.

In addition, users might unintentionally download and install malware programs. Yet once a system is infected, perpetrators can virtually do anything with that particular system – depending on how intricate the malware is, it can capture the entire system, seize or manipulate information, and so forth.

TeamViewer strongly recommends:

  • Users should avoid all affiliate or adware bundles: While users may think they are just downloading a harmless program, the software could in fact install something else.
  • Users ought to download TeamViewer only through the official TeamViewer channels such as the TeamViewer website https://www.teamviewer.com
  • Users should protect any user account – whether it is with TeamViewer or any another supplier – by using unique and secure passwords that are frequently changed.
  • Users should ensure they have reliable anti-malware and security solutions in place at all times.

The TeamViewer support team is happy to answer any potential technical issues or queries at: https://www.teamviewer.com/en/support/contact/submit-a-ticket/

TeamViewer recommends that users who have been the victim of criminal activities get in touch with their local police departments, in order to report their cases. This is particularly important because TeamViewer is subject to very strict data protection and privacy regulations, and can release sensitive data only to authorized individuals and authorities.

Previous Bench.co misleads users, lists two prices on ADs
Next And..... Most of Apple's Services go down.

About author

Walter Marrero 228 posts

An executive analyst at an elite technology & business focused publication.

View all posts by this author →