The Spread of Ransomware Not the Result of TeamViewer Breach?
Axel Schmidt, Public Relations Manager at TeamViewer, has contacted The SMLR Group to clarify several reports linking the spread of ransomware to a TeamViewer account:
In the last couple of days, some reports surfaced which linked some ransomware infections with TeamViewer. We strongly condemn any criminal activity, however, we can emphasize two aspects:
(1) Up to now, none of the reported cases is based on a TeamViewer security breach
(2) Some selected steps will help prevent potential abuse
Ad (1.): We looked thoroughly at the cases that were reported to us. And according to our investigation, the underlying security issues cannot be attributed to TeamViewer. Thus far we have no evidence that would suggest any potential security breach of TeamViewer that attackers exploit. Furthermore, a man-in-the-middle attack can be excluded because of TeamViewer’s deployed end-to-end encryption. Apart from that, we would like to state, that none of the reports currently circulating hint at a structural deficit or a security glitch of TeamViewer.
Careless use is at the bottom of the cases we currently looked at. This particularly includes the use of the same password across multiple user accounts with various suppliers.
With many suppliers – such as TeamViewer – this does not turn out to be a problem, because appropriate security measures are in place to protect the users’ data. With other suppliers, however, user data is poorly or not at all protected. These suppliers are an easy target for hackers or data thieves who subsequently sell their loot via pertinent portals, or maybe just maliciously publish the user credentials online.
As TeamViewer is a widely spread software, many online criminals attempt to log on with the data of compromised accounts (which they obtained through the aforementioned sources), in order to find out whether there is a corresponding TeamViewer account with the same credentials. If this is the case, chances are they can access all assigned devices, in order to install malware or ransomware. Yet users can protect against this problem.
Ad (2.) TeamViewer denounces any criminal ploys, and encourages users to protect themselves by adequate counter measures:
This starts with the download: TeamViewer advises users to only use official TeamViewer channels for the download.
Additionally, users ought to protect any user account – whether it is with TeamViewer or any another supplier – by unique and secure passwords.
Moreover, TeamViewer encourages users to protect their TeamViewer accounts by two factor authentication. See: http://www.teamviewer.com/en/help/402-How-do-I-activate-deactivate-two-factor-authentication-for-my-TeamViewer-account.aspx
Finally, users should make sure that their device has not already been infected by viruses, spyware or any other type of malware that hackers may use to access secret or sensitive data.
The TeamViewer support is happy to answer any potential technical issues or queries at firstname.lastname@example.org.
TeamViewer recommends that users who have been the victim of criminal activities get in touch with their local police departments, in order to report their case. This is particularly important because, TeamViewer is subject to very strict data protection and privacy regulations, and can release sensitive data only to authorized individuals and authorities.
For more information or concern about a TeamViewer account, please contact Customer Support