“TeamViewer experienced a service outage on Wednesday, June 1, 2016. However, the Team Viewer team has now issued an updated statement on the outage and unauthorized connections that read: “Unfortunately, users are still using the same password across multiple user accounts with various suppliers.” The statement also reminds users to not reuse passwords across multiple accounts, and says that issues such as those being reported could be related to malware infections, as "once a system is infected, perpetrators can virtually do anything with that particular system.“TeamViewer is safe to use, because TeamViewer has proper security measures in place including end-to-end encryption to prevent man-in-the-middle attacks, anti-brute-force means, and more,” the blog posting added. We have no evidence that these issues are related." "Some online media outlets falsely linked the incident with past claims by users that their accounts have been hacked and theories about would-be security breaches at TeamViewer. TeamViewer immediately responded to fix the issue to bring all services back up. The outage was caused by a denial-of-service attack (DoS) aimed at the TeamViewer DNS-Server infrastructure. "TeamViewer experienced a service outage on Wednesday, June 1, 2016. Update 2: TeamViewer issued a statement on the outage and unauthorized connections. Update: No word from TeamViewer, but on Reddit (hat tip to CoolAcid for pointing it out) someone posted a copy of a TeamViewer log file from a recent unauthorized access. We'll update this story if new information becomes available. Salted Hash has reached out to TeamViewer for comments and additional details. These gaps are the reason why users and security professionals have taken to assuming the worst. Moreover, some users on Reddit are reporting unauthorized access in cases where two-factor authentication and strong passwords existed. People leave TeamViewer open to public connections all the time it's almost as bad as VNC.Īn installation using shared, weak, or no passwords to protect the account at all, combined with a lack of two-factor authentication, becomes a ticking bomb of a disaster – as one recent report clearly demonstrates.īut the company hasn't addressed the recent reports of unauthorized access – other than directing the public to the May 23 statement, and little is known about the outage they experienced earlier today. It is entirely possible, given the recent flood of hacked social media accounts, that TeamViewer wasn't hacked directly. The statement goes on to state that users need to avoid password reuse, and to use two-factor authentication. "TeamViewer is appalled by any criminal activity however, the source of the problem, according to our research, is careless use, not a potential security breach on TeamViewer’s side."
0 kommentar(er)
