Teamviewer Down. Continued reports on Reddit of hacks.

nlinecomputers

nlinecomputers

Well-Known Member
Reaction score
8,612
Location
Midland TX
Teamviewer has been down most of the day. The past hour or so it has been slowly coming back online. Their DNS servers were offline during this.

The Inquistir is reporting that TV has been hacked and said hackers have been using the compromised site to RAT into end user systems.
http://www.inquisitr.com/3156809/teamviewer-accounts-hacked-thousands-of-customers-vulnerable/
Reddit has been posting a lot of reports of this hacking.
https://www.reddit.com/r/teamviewer
Personally, I have trouble with the Inquistir being the only source on this and Reddit is always a free for all.
But keep an eye on your accounts, change passwords, and enable 2FA.

This, of course, has also impacted MaxFocus which uses TV as it's remote management tool.
 
Strange that teamviewer would be targeted so heavily and so suddenly if it were really just a case of bad passwords though.
 
Nothing official that I can find beyond the rumour mill going at full pelt. That being said if people are reusing login credentials then as
nlinecomputers stated, plenty of password lists from recent breaches.
 
It could be weak or stolen passwords, but it seems to me that everyone is avoiding answering why people with 2FA are having problems too.
 
Happened to my husband last night. He uses 2fa and had a password unique to TV. He was on the machine at the time, so no accessing of Paypal, Amazon or anything else. He immediately disconnected. He was only using it to support his father's machine who passed a few months ago, so TV is now gone.

Sorry, but the claims on Reddit are most likely true since I saw it happening here.
 
Daifne said:
Happened to my husband last night. He uses 2fa and had a password unique to TV. He was on the machine at the time, so no accessing of Paypal, Amazon or anything else. He immediately disconnected. He was only using it to support his father's machine who passed a few months ago, so TV is now gone.

Sorry, but the claims on Reddit are most likely true since I saw it happening here.
Click to expand...
Is this a free account or a paid version of Team Viewer?
 
Daifne said:
Happened to my husband last night. He uses 2fa and had a password unique to TV. He was on the machine at the time, so no accessing of Paypal, Amazon or anything else. He immediately disconnected. He was only using it to support his father's machine who passed a few months ago, so TV is now gone.

Sorry, but the claims on Reddit are most likely true since I saw it happening here.
Click to expand...

Oh wow, very interesting. I did change my password on Teamviewer as well.
 
If its true, this is going to be an even bigger scandal than when Sony got hacked and got caught lying when they denied it.
 
Just shut down TV remotely on all my clients as a precaution and sent out warning emails as they like to login after hours. I have not seen any break ins yet in my realm... (crossing fingers).
 
TV statement says, "At this point we want to underscore that TeamViewer account authentication uses the Secure Remote Password protocol (SRP) and therefore does not store any password-equivalent data."

So the computer contact list/passwords stored pertaining to a TV account are not stored within TV's servers....? (If the passwords are only stored on the machines doing the accessing, and, the machines being accessed, then it would be impossible to visit a TV install within a VM, sign on via TV account, and instantly connect with any stored password credentials created on another install, ....right? If that were not true, then clearly the password database must be stored within TV's servers somewhere...)
 
The other issue is no one is certain if the TV servers have been attacked or the end points are being attacked directly. I can login into any client endpoint if I know the 9 digit ID number and your remote password installed on the endpoint. You don't have to have an account on TV to use TV for remote access but if you have TV running as a service on your PC then you have setup a password on it. If you picked a bad password or worse have reused that password on other services then the chances of breaking in are higher.

If you use TV then you should consider setting up higher security on the units you manage.
1. On your TV account pick a unique password and set up 2FA
2. On your endpoints go to Extra/Options/Security and turn off Random Passwords
3. Setup a good strong password for the unit. Use unique passwords for every machine you manage.
4. Enable the whitelist. You can restrict your whitelist to your account or to the ID numbers of the computers you will remote in from.
5. Reconsider if you really need TV running all the time. If you only use this to help MOM out when she calls you then you can teach her to click the icon on when you are using it and exit out when you are done. Running as a service increases risk.
 
Really what echos thru my mind are past qoutes from customers saying "Can you make my password something simple? Really long ones are just too hard".

I think it boils down to two things:

1. TV is lying trying to protect their customer base and in the background trying to figure out what happened and fix it.

2. The people broke into just didnt have very good ideas on password protection and the break ins occurred because they used the same password on several different accounts - To make it "simple".

Hard telling.
 
You must log in or register to reply here.

Similar threads

GTP
Activate any version of Windows, Windows Server, Office etc...
Replies
5
Views
2K
fincoder
fincoder
britechguy
Windows 11 on Incompatible Hardware & with Local User - a new experience
Replies
17
Views
3K
britechguy
britechguy
callthatgirl
GoDaddy Microsoft 365 Pros and Cons
Replies
9
Views
8K
Your PCMD
Your PCMD
NETWizz
Working on Air Print via FreeBSD on Pi
Replies
5
Views
1K
NETWizz
NETWizz
P
Which component can cause memtest86+ wrongly detect defective RAM on MacBook Pro A1286?
Replies
3
Views
969
HCHTech
HCHTech
Back
Top