TeamViewer, which makes a popular remote-login software package, has said it will introduce new security features in response to a rash of reports of attackers using the platform to infiltrate users’ systems.
One of the features tightens controls on new devices accessing the service, while another forces a password reset if a user exhibits unusual behaviour.
The attackers used passwords made public following those breaches to take control of TeamViewer accounts that used the same password, the company said.
Users have reported their systems being made use of to carry out unauthorised bank and PayPal transfers and to cause other damage.
“We are appalled by the behaviour of cyber criminals, and are disgusted by their actions towards TeamViewer users,” the Göppingen, Germany-based firm said in an open letter to users. “They have taken advantage of common use of the same account information across multiple services to cause damage.”
The company said it does not itself store any password data.
TeamViewer hasn’t indicated the number of attacks, but has said the scale appears to be “significant”, something also suggested by the large number of reports of attacks by users on social media services including Reddit and Twitter.
While such attacks on users’ systems have occurred in the past, they have become much more frequent over the past few days, according to reports.
The spike occurs soon after the data stolen from LinkedIn and other sites – including more than 642 million passwords – went up for sale on black-market websites.
IBM computer security researcher Nick Bradley became one of the most recent to report a TeamViewer attack, saying he saw an intruder begin using his computer while he was in the middle of a gaming session.
Recalling that he had another system running TeamViewer, he found that the intruder was in the midst of exploring that computer, too.
“The attacker opens a browser window and attempts to go to a new web page,” Bradley wrote in a blog post. “As soon as I reach the machine, I revoke control and close the app. I immediately go to the TeamViewer website and change my password while also enabling two-factor authentication.”
Bradley, who manages IBM’s Cyber Threat Research and the X-Force Threat Analysis Group, said that in his case the attack appeared to be connected with the leak of LinkedIn passwords, and advised users not to reuse passwords between applications and systems.
“Had I not been there to thwart the attack, who knows what would have been accomplished?” he wrote.
Are you a security pro? Try our quiz!
German foreign minister warns Russia will face consequences for “absolutely intolerable” cyberattack on ruling party,…
Google is reportedly laying off at least 200 staff from its “Core” organisation, including key…
Investor appeasement? Apple unveils huge $110 billion share buyback program, as sales of iPhone decline…
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…