Supply Chain: AnyDesk Customers Affected By Credentials Breach

Uploaded on 2024-02-07 in TECHNOLOGY--Hackers, FREE TO VIEW

Remote desktop software maker AnyDesk has disclosed that it suffered a cyber attack first detected on on Friday 2nd February that has caused problems with its production systems. 

As a consequence, AnyDesk is revoking certificates and passwords which may affect as many as 170k customers, including  major business es like Amedes, AutoForm Engineering, LG Electronics, Samsung Electronics, Spidercam, and Thales.

The German based company said the incident, which it discovered following a security audit, is not a ransomware attack and that it has notified relevant authorities. "We have revoked all security-related certificates and systems have been remediated or replaced where necessary," the company said in a statement. 

The  AnyDesk credentials seem to have been obtained with the aid of information-stealer malware that had compromised AnyDesk users’ systems.  "We will be revoking the previous code signing certificate for our binaries shortly and have already started replacing it with a new one." the company said.

AnyDesk did not disclose when and how its production systems were breached. It's currently not known if any information was stolen following the hack. However, it emphasised there is no evidence that any end-user systems have been affected.

Meanwhile, researchers at endpoint protection specialist Resecurity have found two threat actors, one of whom goes by the online alias "Jobaaaaa," advertising a "significant number of AnyDesk customer credentials for sale at Exploit[.]in," noting it could be used for "technical support scams and mailing (phishing)." The threat actor has been found offering 18,317 accounts for $15,000 in crypto currency, in addition to agreeing to a deal via escrow on the cyber crime forum. There is no evidence that  sale of credentials is related to the AnyDesk breach,

While exactly how these credentials were obtained, cyber criminals will be moving fast to exploit the exposed login details before passwords are reset.

These events follow only a a day after leading Internet security firm Cloudflare said that it was hacked by a suspected nation-state attacker using stolen credentials to gain unauthorised access to its Atlassian server and ultimately access documentation and a limited amount of source code

AnyDesk:      AnyDesk:      @anydesk:      Resecurity:    Born City:    Cloudflare:      Security Week:   

Hacker News:    TechTarget:     YCombninator:  

You Might Also Read:      

 BEC Attacks: Trends & Predictions For 2024:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Elections 2024 - Fake News & Misinformation  
Healthcare Has Issues With Outsourced Cyber Security »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Logicalis

Logicalis

Logicalis are a leading provider of global IT solutions and managed services.

Jumpsec

Jumpsec

Jumpsec provides penetration testing, security assessments, social engineering testing, cyber incident response, training and consultancy services.

Cato Networks

Cato Networks

Cato connects your branch locations, physical and cloud datacenters, and mobile users into a secure and optimized global network in the cloud.

ControlScan

ControlScan

ControlScan is a Managed Security Services Provider (MSSP) - our primary focus is protecting your business and securing your sensitive data.

CyberSmart

CyberSmart

CyberSmart is a platform that allows you to maintain compliance, achieve certification and secure your organisation.

Engineering Ingegneria Informatica

Engineering Ingegneria Informatica

Ingegneria Informatica is a leading Italian provider of Information Technology consulting, services and solutions including cyber security.

DXC Technology

DXC Technology

DXC Technology helps global companies run their mission critical systems and operations while modernizing IT, optimizing data architectures, and ensuring security and scalability.

exceet Secure Solutions

exceet Secure Solutions

exceet Secure Solutions is your experienced specialist for Internet of Things (IoT), Heath Telematics, electronic signatures and timestamps and IT security.

National Cybersecurity Hub South Africa

National Cybersecurity Hub South Africa

The mission of the National Cybersecurity Hub is to be the central point of collaboration for cybersecurity incidents in South Africa.

S2S Group

S2S Group

S2S Group specialise in the destruction and management of IT assets at the end of the lifecycle.

Police Digital Security Centre (PDSC)

Police Digital Security Centre (PDSC)

PDSC is a not-for-profit organisation, owned by the police, that works across the UK in partnership with industry, government, academia and law enforcement.

Whistic

Whistic

Whistic is a cloud-based platform that uses a unique approach to address the challenges of third-party risk management.

Nostra

Nostra

Nostra are a next generation managed services provider with a constant focus on Security and Business Continuity.

Redsquid

Redsquid

At Redsquid we are all about making a difference to our customers with the use of technology, as an innovative provider of solutions within IoT, Cyber security, ICT, Data Connectivity & Voice.

Fenix24

Fenix24

Fenix24 is an industry leader in the incident-response space. We ensure the fastest response, leading to the full restoration of critical infrastructure, data, and systems.

Approov

Approov

Approov provides a comprehensive runtime security solution for mobile apps and their APIs, unified across iOS and Android.