AnyDesk Production Systems Breached.
Genesis Platform
Empower your third-party risk management with AI. Onboard vendors within minutes, not days
In this issue, we're looking at the recent cybersecurity breach at AnyDesk Software, the German powerhouse behind the widely utilized remote desktop software. This incident has sparked significant concern in the IT community, highlighting vulnerabilities even in established software solutions.
The Breach Unveiled
On a seemingly regular Friday, AnyDesk Software made a startling announcement. Their production systems had been compromised. This disclosure followed a security audit initiated due to suspicious activities. Interestingly, the company clarified that the incident was not a ransomware attack but a relief yet a puzzle to many in cybersecurity.
Immediate Response and Remediation
In a swift move to contain the situation, AnyDesk revoked all security-related certificates and undertook an extensive remediation process. Systems were either replaced or thoroughly overhauled. Additionally, the company started replacing its code signing certificate for software binaries, a crucial step in safeguarding software integrity.
Protective Measures for Users
Recognizing the potential risks to end users, AnyDesk urged its customers to update their software to the latest version, featuring the new code signing certificate. This precaution aimed to mitigate the risks associated with the breach, particularly in light of the software's extensive user base, including over 800 million downloads globally.
领英推荐
Potential Supply Chain Attack
Preliminary insights suggest that AnyDesk might have been the target of a supply chain attack. Such attacks pose a significant threat, potentially allowing cybercriminals to distribute compromised software to unsuspecting users.
Secondary Threats and Credential Sales
Adding to the blow, cybersecurity firm Security reported the sale of over 18,000 AnyDesk customer credentials on a cybercrime forum. These credentials, priced at $15,000 in cryptocurrency, were reportedly obtained through information-stealer malware, highlighting a secondary threat vector that emerged after the breach.
User Advisory and Precautions
While AnyDesk maintains that it is safe to use their software, they advise users to remain vigilant and ensure they are operating the latest version. Users are also recommended to change their passwords, mainly if the same credentials are used on other platforms.