AnyDesk, the well-known provider of remote desktop software, has disclosed a recent cyber attack that resulted in a compromise of its production systems. The German company, following a thorough security audit, uncovered the incident and has taken immediate actions to address the situation.
AnyDesk has clarified that the attack did not involve ransomware. The company assured the public that it has notified relevant authorities and has implemented comprehensive measures in response to the breach. These measures include the revocation of all security-related certificates and the remediation or replacement of affected systems.
"We will be revoking the previous code signing certificate for our binaries shortly and have already started replacing it with a new one," stated AnyDesk in an official statement. As an added precaution, the company has revoked all passwords to its web portal, my.anydesk[.]com. Users are strongly urged to change their passwords, especially if they have been reused on other online services.
To enhance security, AnyDesk recommends that users download the latest version of its software, which now includes a new code signing certificate. The company, however, did not disclose specific details about when and how the production systems were breached. Currently, it remains uncertain if any information was stolen during the cyber attack. AnyDesk emphasized that there is no evidence indicating a compromise of end-user systems.
Earlier this week, Günter Born of BornCity reported that AnyDesk had been undergoing maintenance since January 29, with the issue being addressed on February 1. On January 24, the company had previously alerted users about "intermittent timeouts" and "service degradation" with its Customer Portal.
AnyDesk, with a user base exceeding 170,000, including prominent organizations such as Amedes, AutoForm Engineering, LG Electronics, Samsung Electronics, Spidercam, and Thales, is now dealing with the aftermath of the cyber attack. This disclosure closely follows another major security incident, with Cloudflare confirming a breach by a suspected nation-state attacker just a day ago. The continuous surge in cyber threats underscores the critical need for organizations to strengthen their cybersecurity defenses and remain vigilant against evolving risks. Stay tuned for further updates on this unfolding story.
via The Hacker News
0 comments:
Post a Comment