TeamViewer Denies Being Hacked, Blames Users, Introduces New Security Measures

Mark Wilson writes: In the last couple of weeks there have been a huge number of reports from TeamViewer users that their computers have been hijacked. In addition to this, users of the remote access tool have complained of funds being extracted from PayPal and bank accounts. But TeamViewer insists that there has not been a security breach, instead shifting the blame to users.

The company says [users] are in the habit of reusing the same passwords for a number of apps and services. It suggests that recent high profile security breaches -- such as the password dumps from MySpace and LinkedIn -- have allowed cyber criminals to learn TeamViewer log in credentials.
"We are appalled by the behaviour of cyber criminals, and are disgusted by their actions towards TeamViewer users," reads the company's statement. But they will now notify users whenever a new device logs in to a TeamViewer account, and in the future will also require a new password whenever suspicious account activity is detected.

Re:This has been going on for a while...

[ledow]

They don't need to have had a breach, as such, for the software to have been compromised in some way. Even a protocol flaw, or a plain-text-password-sniff or all kinds of things. Even a virus on a machine that you've logged on FROM.

Not buying it.

[Olmy's+Jart]

I'm not buying Team Viewers explaination one bit. I know the individual in this article. He's a fellow security expert with whom I've worked. He's no security slouch, quite the opposite in fact. He caught the attackers in the act (yeah, he got lucky there) and took action as it unfolded before his eyes. Team Viewer has some serious 'splainen to do...

https://securityintelligence.c...

Re: Not buying it.

He admits to reusing his one password between team viewer and numerous websites.

That is a pretty huge slouch for a security expert, and even a fairly nice sized face palm for a regular user.