AnyDesk was recently hit by a hack on its production systems in which certificates may have been stolen. It is said to not be a ransomware attack. No login credentials were captured, because they are not stored.
According to AnyDesk, after the incident, a security audit revealed that some of the production systems had been compromised. In response, AnyDesk, in cooperation with CrowdStrike, immediately implemented a recovery plan to minimize the damage. The required authorities were also notified.
Few details cause
AnyDesk did not reveal exactly how the hack could have occurred. However, it did explicitly state that it was not hit by a ransomware attack.
Revoke all code signing certificates
All security-related certificates and systems have been restored or replaced within the recovery plan where necessary. In addition, all previous code signing certificates for AnyDesk’s binaries will soon be revoked, and work has already begun to replace them with new ones.
In its extensive public disclosure, AnyDesk also states that the cyberattack did not capture private keys, security tokens or passwords. AnyDesk’s systems do not use them to establish connections to end users’ devices.
As a precautionary measure, however, it was decided to reset all passwords for the my.anydesk.com web portal. Customers who use the same login credentials with other online services are advised to change them there, too.
Also read: Hackers deploy login credentials they stole at Okta to hack Cloudflare – update
23 hours ago
