TeamViewer Denies Being Hacked, Blames Users, Introduces New Security Measures

Mark Wilson writes: In the last couple of weeks there have been a huge number of reports from TeamViewer users that their computers have been hijacked. In addition to this, users of the remote access tool have complained of funds being extracted from PayPal and bank accounts. But TeamViewer insists that there has not been a security breach, instead shifting the blame to users.

The company says [users] are in the habit of reusing the same passwords for a number of apps and services. It suggests that recent high profile security breaches -- such as the password dumps from MySpace and LinkedIn -- have allowed cyber criminals to learn TeamViewer log in credentials.
"We are appalled by the behaviour of cyber criminals, and are disgusted by their actions towards TeamViewer users," reads the company's statement. But they will now notify users whenever a new device logs in to a TeamViewer account, and in the future will also require a new password whenever suspicious account activity is detected.

Wish it was that simple

But people are reporting unique, long passwords on their TV accounts being useless. And at least one case where a person was able to login to a PC even through 2FA authentication.

Either this is just a wide configuration error in the TV client made by unknowing users, or someone is lying.

This has been going on for a while...

[00Monkey]

Back in February, I had Team Viewer running 24/7 on an Ubuntu Desktop. I had a "strong" password, using letters, numbers and symbols. I was at a customer site installing a new Asterisk phone system and suddenly I get notifications from Paypal that I'm buying large amounts of virtual currency with NCSoft. It took me all of 5 minutes to realize what was happening and change my Paypal password and in that time, several grand was spent. It took me a week to get it all fixed, which isn't that bad.

Team Viewer Support couldn't care less. I asked why they wouldn't even notify on an account that's never been accessed from outside the country and they had no answers. Now, what could I have done better? Setup Multi-Factor Authentication for Team Viewer and Paypal. So, some of the responsibility is mine. However, I find it very strange that someone could have hacked or guessed that account's password. I asked if they had a breach and they reported that there were no problems, of course. Notification and confirmation of suspicious activity should have been implemented by them a long time ago.

Re:This has been going on for a while...

[ledow]

They don't need to have had a breach, as such, for the software to have been compromised in some way. Even a protocol flaw, or a plain-text-password-sniff or all kinds of things. Even a virus on a machine that you've logged on FROM.

Relevant subreddit with the reports...

https://www.reddit.com/r/teamviewer

That's funny

[freak0fnature]

The fact that they allow users to download old versions of TeamViewer is 1/2 the problem. I entertained a call from someone who was likely Pakistani that asked me to install an old version of TeamViewer from their website. Though I got on Linux and tried to follow their instructions...they didn't know what Linux was. I succeeded in wasting 30 minutes of their time.

Not buying it.

[Olmy's+Jart]

I'm not buying Team Viewers explaination one bit. I know the individual in this article. He's a fellow security expert with whom I've worked. He's no security slouch, quite the opposite in fact. He caught the attackers in the act (yeah, he got lucky there) and took action as it unfolded before his eyes. Team Viewer has some serious 'splainen to do...

https://securityintelligence.c...

Re:Alternatives?

[93+Escort+Wagon]

Yeah dude, VNC's been around since forever.

And VNC's security is next to trivial to compromise.

If you're going to use VNC, run it through ssh or openvpn - and only allow access that way. Keep the VNC ports themselves closed.