TeamViewer Users Claim Accounts Hacked, Service Goes Offline With Server Issues
Editor’s note: TeamViewer has reached out to the Inquisitr to clarify that the service issue is unrelated and was caused by server issues. Their official statement has been appended to the end of this story.
TeamViewer is a remote desktop connection software that allows users to share screens and allow remote access from anywhere in the world. In the past 24 hours, many customers have made unverified claims that their computers were maliciously accessed by hackers. According to these sources, hackers are using TeamViewer to access the computers late at night, out of standard USA working hours, and accessing bank accounts using saved browser passwords, or installing forms of ransomware. As of 12 p.m. Wednesday, the TeamViewer website was offline, with their Twitter being the only form of comment so far from the company. TeamViewer later stated that these claims of hacking attacks were not related to the website outage.
We are currently experiencing issues in parts of our network. We apologize for any inconveniences caused.
— TeamViewer (@TeamViewer) June 1, 2016
I did have 2FA. They got in my PC at4:50am MT, left at 8:31am. Bought about $3k in stuff with my paypal
— GoombaMunki (@goombamunki) June 1, 2016
Over the past 24 hours, customers have taken their concerns to Reddit to share their thoughts and look for answers. There are user reports of both PayPal and bank accounts being hacked.
This is not TeamViewer’s first time experiencing the difficult fight against hackers. Just one week ago, TeamViewer deflected any claimed they had problems on their end with security, denying any responsibility of the issue.
“I was using a strong password that was unique to TeamViewer and they still got in and cleaned out my bank account. They logged in and used ChromePass to see my passwords stored in Chrome.” says ShatteredAutumn, a Reddit user.
“Random non-contact remoted in and emptied my bank [account].” says the user Jekerdud, another Reddit user.
Backdoor Abuses TeamViewer to Load Malicious Library https://t.co/UJchkjIdZR #cybersecurity #infosec
— Kenneth O. Holley (@kennethholley) May 30, 2016
The issues, one being a spike in the amount of hacked accounts in the past 48 hours, and the other being the official TeamViewer website being offline, may be entirely unrelated and a coincidence, as TeamViewer has yet to make a comment on either of the issues.
By approximately 12:50 p.m., the TeamViewer website was back up in parts of the world, and the issue seems to have rooted from a problem with DNS servers.
This outage fell at an inconvenient time for TeamViewer and has led many people believe the influx of attacks were related.
According to sources, there have been reports of customers over the months being a victim of ransomware installed via TeamViewer. Ransomware is a virus installed on a computer, which encrypts all files, rendering them useless until unlocked by the hacker. With the rise of Bitcoin, hackers can now anonymously, safely, and irreversibly accept ransoms online.
These ransomware viruses charge up to several hundreds of dollars generally for removal of the virus on personal computers. In February, a U.S. school paid $8,500 to remove ransomware.
The problem with paying the ransom is the hackers don’t always come through with their promises, because they don’t have to. They are anonymous, and Bitcoin transactions are final. Paying ransoms has also been said to promote hackers to continue this type of activity.
As antivirus software continues to advance, they can still be disabled by user control when using TeamViewer, just like the original user of the computer can. This allows hackers to skip right over the best antivirus software and install what they’d like.
To protect yourself against hackers, TeamViewer recommends users to install two-factor authentication, which adds an additional layer of protection, on top of just knowing your password. Some users who use two-factor authentication have still experienced malicious logins. Other tips include using passwords unique to TeamViewer and using a combination of uppercase and lowercase letters, numbers, and symbols.
After the website was restored, TeamViewer claimed in several tweets that there were no breaches of security. TeamViewer’s last official comment on the rising issues of hackers was on May 23 in their press release.
“The source of the problem, according to our research, is careless use, not a potential security breach on TeamViewer’s side,” said TeamViewer.
Their website and Twitter can be monitored for comments over the upcoming hours.
We are back up and running again. However it may take some time until all regions are back to regular service.
— TeamViewer (@TeamViewer) June 1, 2016
TeamViewer Statement
“TeamViewer experienced a service outage on Wednesday, June 1, 2016. The outage was caused by a denial-of- service attack (DoS) aimed at the TeamViewer DNS-Server infrastructure. TeamViewer immediately responded to fix the issue to bring all services back up.
Some online media outlets falsely linked the incident with past claims by users that their accounts have been hacked and theories about would-be security breaches at TeamViewer. We have no evidence that these issues are related.
The truth of the matter is:
1. TeamViewer experienced network issues because of the DoS-attack to DNS servers and fixed them.
2. There is no security breach at TeamViewer.
3. Regardless of the incident, TeamViewer continuously works to ensure the highest possible level of data and user protection.
Even though the server outage is not in any way related to the below mentioned advice, TeamViewer would like to reaffirm:
Careless use of account credentials remains to be a key problem for all internet services. This particularly includes the use of the same password across multiple user accounts with various internet services.
In addition, users might unintentionally download and install malware programs. Yet once a system is infected, perpetrators can virtually do anything with that particular system – depending on how intricate the malware is, it can capture the entire system, seize or manipulate information, and so forth.”
[Photo by Shutterstock/welcomia]