Your forum username:
Do you already have an account?
Forgot your password?
  • Log in or Sign up


    Welcome to Sky User - The Unofficial Support Forum for everything Sky! - Proudly helping over 65k members.


    Advertisement

    Results 1 to 9 of 9

    TeamViewer denies hack after PCs hijacked, PayPal accounts drained

    This is a discussion on TeamViewer denies hack after PCs hijacked, PayPal accounts drained within the General Computing and Internet forums, part of the Community channel category; TeamViewer denies hack after PCs hijacked, PayPal accounts drained Top remote-control tool wobbles offline, blames your bad passwords for compromises ...

    1. #1
      Scubbie's Avatar
      Scubbie is offline Sky User Moderator
      Exchange: 02392
      Broadband ISP: Sky Fibre Unlimited
      Router: Sky Q Hub ER110
      Sky TV: Sky+HD box
      Join Date
      Mar 2010
      Location
      Near Portsmouth
      Posts
      28,202
      Thanks
      844
      Thanked 2,223 Times in 2,092 Posts

      TeamViewer denies hack after PCs hijacked, PayPal accounts drained

      TeamViewer denies hack after PCs hijacked, PayPal accounts drained
      Top remote-control tool wobbles offline, blames your bad passwords for compromises

      TeamViewer users say their computers were hijacked and bank accounts emptied after the software company's systems mysteriously fell offline. TeamViewer denies it has been hacked.

      In the past 24 hours, we've seen a spike in complaints from people who say their PCs and servers were taken over via the widely used remote-control tool on their machines. Even users with strong passwords and two-factor authentication enabled on their TeamViewer accounts say they were hit.

      It appears miscreants gained control of victims' TeamViewer accounts, and used that to connect into computers, where they seized web browsers to empty PayPal accounts, access webmail, and order stuff from Amazon and eBay.

      "Hackers got everything from me," Doug, an Idaho-based Twitch streamer who was looking forward to celebrating his birthday today with his wife and two kids, told The Register.

      "They remote connected in at 5AM MT, went into my Chrome and used my PayPal to buy about $3k worth of gift cards. And yes, I had two-factor authentication."

      Over on Reddit, people were lining up with tales of their systems being compromised via TeamViewer, sparking fears the platform had been hacked. TeamViewer makes remote-control clients for Windows, OS X, Linux, Chrome OS, iOS and Android.

      "I never expected this to happen, but it did," wrote Redditor Eric1084.

      "When I sat down on my chair, I saw my mouse is moving across the screen. Of course, I immediately revoked remote control, and asked who [the hacker] is. At that point, he disconnected, and attempted to connect to my Ubuntu server, which has all my backups. Good thing I connected to [the server] right after he remote'd into my workstation. I revoked his permission before he tried to open Firefox. Immediately after, I started panicking, and thought he just stole all my passwords."

      Another Redditor, famguy07, added: "I had the same thing happen to me tonight. Luckily I was playing Rocket League. I terminated [the connection] after less than 10 seconds. Once it clicked in my brain what had happened, I logged into my server and exited TeamViewer to deal with it later."

      Pouring further fuel on the fire that TeamViewer had been infiltrated by criminals, at about 0700 Pacific Time (1500 in the UK) today TeamViewer suffered an outage lasting at least three hours, which knocked its website offline and left people unable to connect to their computer remotely.

      It's claimed TeamViewer.com's DNS was screwed up during the IT cockup, thus stopping people from getting through to the Germany-based company's servers. We've heard that its DNS servers were pointing towards Chinese IP addresses at one point, but we haven't been able to verify that.

      TeamViewer has said sorry for the downtime.

      After getting its systems back online, TeamViewer insisted it has not been hacked. In a statement bizarrely dated last week but referencing today's events, the biz instead blamed "careless use" of passwords by its customers. People aren't using strong enough credentials, or are reusing passwords from websites that have been hacked – such as LinkedIn and Tumblr.

      "Users are still using the same password across multiple user accounts with various suppliers. While many suppliers have proper security means in place, others are vulnerable," the company said.

      TeamViewer spokesman Axel Schmidt told The Register by phone from Germany that his company has not suffered a breach, and suggested people who have been hijacked contact the police.

      It is possible that some people have been caught out by password reuse, or by weak passwords, or by a Windows Trojan disguised as an Adobe Flash update that's doing the rounds using TeamViewer to backdoor machines. Yet, we've heard from people who have used passwords unique to TeamViewer, who have enabled two-factor authentication, and have found no malware on their computers, losing control of their systems in the past few days via TeamViewer.

      If you do use TeamViewer, now would be a good time to triple check your password and security settings to keep miscreants out, and inspect your connection logs and your web browser history for any unauthorized access.

      Editor's note: This article was updated after publication to include TeamViewer's statement.


    2. Advertisement
    3. #2
      gatecrasher3's Avatar
      gatecrasher3 is offline Sky User Member
      Exchange:
      Broadband ISP: Sky Broadband Unlimited
      Router: Billion 7800N
      Sky TV: Sky+HD box
      Join Date
      Feb 2012
      Posts
      64
      Thanks
      4
      Thanked 0 Times in 0 Posts

      Re: TeamViewer denies hack after PCs hijacked, PayPal accounts drained

      Seen loads of reports of this on Reddit as mentioned in the post.

      I had an invite from a random account a while ago but luckily I no longer use TeamViewer so it wasn't running on any machines.


      Sent from my iPhone using Tapatalk

    4. #3
      The Realist's Avatar
      The Realist is offline Sky User Member
      Exchange: Anything
      Broadband ISP: Sky Fibre 100GB Trial Gold X
      Router: Sky Q Hub Mk7 Trial Gold
      Sky TV: SkyQ/Motorised
      Join Date
      Mar 2007
      Location
      Behind You
      Posts
      1,049
      Thanks
      3
      Thanked 29 Times in 29 Posts

      Re: TeamViewer denies hack after PCs hijacked, PayPal accounts drained

      WoW just read this and I run TeamViewer all the time in the background and set it up this week as I'm soon off on hols and I use it for tablet to PC access.

      Looks like I'll have to look for a better, secure system now.

      Not amused.
      Disclaimer: The views expressed here are my own and in no way represent the views or policies of my employer.


    5. #4
      Scubbie's Avatar
      Scubbie is offline Sky User Moderator
      Exchange: 02392
      Broadband ISP: Sky Fibre Unlimited
      Router: Sky Q Hub ER110
      Sky TV: Sky+HD box
      Join Date
      Mar 2010
      Location
      Near Portsmouth
      Posts
      28,202
      Thanks
      844
      Thanked 2,223 Times in 2,092 Posts

      Re: TeamViewer denies hack after PCs hijacked, PayPal accounts drained

      I too have been using Teamviewer for some time, ever since LogMeIn became a subscription service.

      I'll be watching this story with interest to see if it develops.

      I did check my account earlier and will also watch those of a couple of friends who I support through TV. when I checked last night all appeared to be fine.

      Of course should you get an invite, such as mentioned by gatecrasher3 above, I'd be very cautious too.

      Theoretically if you have a set password for remote access you should never give it away to anyone. The other password should change every time you reboot the computer.

      Even if you've associated your account with a computer on another account, if you're not using the manually set password, then you will have to request the new password each time the computer reboots. At least this is the theory.

      Sky Fibre Unlimited Pro: Connected at 80,000 kbps / 20,000 kbps
      Previous ADSL2+ Speed 19999 kbps 1153 kbps, Line Attenuation 17.5 db 6.9 db, Noise Margin 7.5 dB 8.7 dB
      Speedtest: 17.15MB/s 0.97Mb/s Ping 31 ms

    6. #5
      The Realist's Avatar
      The Realist is offline Sky User Member
      Exchange: Anything
      Broadband ISP: Sky Fibre 100GB Trial Gold X
      Router: Sky Q Hub Mk7 Trial Gold
      Sky TV: SkyQ/Motorised
      Join Date
      Mar 2007
      Location
      Behind You
      Posts
      1,049
      Thanks
      3
      Thanked 29 Times in 29 Posts

      Re: TeamViewer denies hack after PCs hijacked, PayPal accounts drained

      I just deleted it just in case and I'm trying VNC as a test for now.
      Disclaimer: The views expressed here are my own and in no way represent the views or policies of my employer.


    7. #6
      Scubbie's Avatar
      Scubbie is offline Sky User Moderator
      Exchange: 02392
      Broadband ISP: Sky Fibre Unlimited
      Router: Sky Q Hub ER110
      Sky TV: Sky+HD box
      Join Date
      Mar 2010
      Location
      Near Portsmouth
      Posts
      28,202
      Thanks
      844
      Thanked 2,223 Times in 2,092 Posts

      Re: TeamViewer denies hack after PCs hijacked, PayPal accounts drained

      Statement from Teamviewer:

      Statement on Service Outage
      Statement on Service Outage

      Göppingen/Germany, June 1, 2016. TeamViewer experienced a service outage on Wednesday, June 1, 2016. The outage was caused by a denial-of-service attack (DoS) aimed at the TeamViewer DNS-Server infrastructure. TeamViewer immediately responded to fix the issue to bring all services back up.

      Some online media outlets falsely linked the incident with past claims by users that their accounts have been hacked and theories about would-be security breaches at TeamViewer. We have no evidence that these issues are related.
      The truth of the matter is:


      1. TeamViewer experienced network issues because of the DoS-attack to DNS servers and fixed them.
      2. There is no security breach at TeamViewer.
      3. Regardless of the incident, TeamViewer continuously works to ensure the highest possible level of data and user protection.


      Even though the server outage is not in any way related to the below mentioned advice, TeamViewer would like to reaffirm:

      Careless use of account credentials remains to be a key problem for all internet services. This particularly includes the use of the same password across multiple user accounts with various internet services.

      In addition, users might unintentionally download and install malware programs. Yet once a system is infected, perpetrators can virtually do anything with that particular system – depending on how intricate the malware is, it can capture the entire system, seize or manipulate information, and so forth.

      TeamViewer strongly recommends:


      • Users should avoid all affiliate or adware bundles: While users may think they are just downloading a harmless program, the software could in fact install something else.
      • Users ought to download TeamViewer only through the official TeamViewer channels such as the TeamViewer website https://www.teamviewer.com
      • Users should protect any user account - whether it is with TeamViewer or any another supplier – by using unique and secure passwords that are frequently changed.
      • Users should ensure they have reliable anti-malware and security solutions in place at all times.


      The TeamViewer support team is happy to answer any potential technical issues or queries at: https://www.teamviewer.com/en/suppor...bmit-a-ticket/

      TeamViewer recommends that users who have been the victim of criminal activities get in touch with their local police departments, in order to report their cases. This is particularly important because TeamViewer is subject to very strict data protection and privacy regulations, and can release sensitive data only to authorized individuals and authorities.

      About TeamViewer

      Founded in 2005, TeamViewer is fully focused on the development and distribution of high-end solutions for online communication, collaboration and remote monitoring of IT systems. Available in over 30 languages and with more than 200 million users worldwide, TeamViewer is one of the world’s most popular providers of remote control and online meeting software. airbackup, a powerful cloud-based backup solution, and ITbrain, a valuable remote monitoring and IT asset tracking solution, complement TeamViewer’s product portfolio.

      For more information, visit: www.teamviewer.com

      Follow us on Twitter at @TeamViewer and on our blog at blog.teamviewer.com.

      TeamViewer GmbH
      Jahnstr. 30
      73037 Göppingen

    8. #7
      The Realist's Avatar
      The Realist is offline Sky User Member
      Exchange: Anything
      Broadband ISP: Sky Fibre 100GB Trial Gold X
      Router: Sky Q Hub Mk7 Trial Gold
      Sky TV: SkyQ/Motorised
      Join Date
      Mar 2007
      Location
      Behind You
      Posts
      1,049
      Thanks
      3
      Thanked 29 Times in 29 Posts

      Re: TeamViewer denies hack after PCs hijacked, PayPal accounts drained

      Ummm ok......
      Disclaimer: The views expressed here are my own and in no way represent the views or policies of my employer.


    9. #8
      Scubbie's Avatar
      Scubbie is offline Sky User Moderator
      Exchange: 02392
      Broadband ISP: Sky Fibre Unlimited
      Router: Sky Q Hub ER110
      Sky TV: Sky+HD box
      Join Date
      Mar 2010
      Location
      Near Portsmouth
      Posts
      28,202
      Thanks
      844
      Thanked 2,223 Times in 2,092 Posts

      Re: TeamViewer denies hack after PCs hijacked, PayPal accounts drained

      TeamViewer beefs up account security after rash of PC, Mac hijacks

      TeamViewer beefs up account security after rash of PC, Mac hijacks
      Stable door settles for bolt long after brief relationship with passing horse

      TeamViewer is whacking anti-hacker protections into its remote-desktop tool – as its customers continue to report having their PCs and Macs remotely hijacked by criminals.

      Two new security checks in TeamViewer will warn users when a new device or location attempts to log into their TeamViewer account and remotely manage any computers connected to it, and will raise an alert if suspicious activity is detected.

      This exact behavior has been reported in surprising numbers by folks throughout the past two weeks: TeamViewer users complain that miscreants on the other side of the internet have broken into their desktops, and seized victims' web browsers to empty online bank accounts and place internet orders. In some cases, people have lost thousands of dollars as crooks exploited passwords saved in browsers.

      The victims say their computers were remotely controlled through their TeamViewer accounts, some watching in horror as their mouse suddenly started moving by itself – under the command of a far-away villain.

      Speaking directly to The Register and in announcements to customers, TeamViewer has denied that the crime spree is due to any compromise of its own servers. Rather, it claims, the victims of the attacks had reused their TeamViewer login passwords on other websites that have been breached, such as LinkedIn and Tumblr. Armed with copies of those leaked passwords and email addresses, TeamViewer claims, thieves then log into people's TeamViewer accounts and access connected PCs.

      Outcry


      A big bunch of discussion threads have spawned online, in which victims detail the circumstances that led to their machines being hijacked from across the planet. While in many cases the hacked customers say that they had indeed reused passwords from other sites (notably LinkedIn), others have reported that they had been breached despite using unique passwords and two-factor authentication.

      Reg
      readers have also reported receiving suspicious TeamViewer contact requests from unknown individuals. A TeamViewer spokesperson told El Reg that while accepting a contact request would not give that person direct access to controlled PCs, the contact info could be used to see when a person is online, and customers should not accept contact requests from any unknown and/or suspicious parties.

      Throughout the ordeal, TeamViewer has maintained that it is not at fault for the account thefts. The Germany-based company's handling of the matter has brought harsh criticism from aggrieved customers, who accuse the company of being in "complete denial" of the problem.

      What TeamViewer says it will now do is attempt to notify users of any shady or unusual behavior. The new security features will email account owners asking for permission whenever a new device attempts to log into their account.

      Additionally, the TeamViewer service will check the geographic location of the login attempts and require a password reset whenever someone attempts to log in from a locale that had not previously appeared.

      Don't, however, expect a mea culpa any time soon.

      "We are appalled by the behaviour of cyber criminals, and are disgusted by their actions towards TeamViewer users," a letter to customers reads.

      "They have taken advantage of common use of the same account information across multiple services to cause damage."

    10. #9
      BurnIT's Avatar
      BurnIT is offline Sky User Member
      Exchange: 01827
      Broadband ISP: Sky Broadband Unlimited
      Router: Sagem F@ST 2504n
      Sky TV: Sky+HD box
      Join Date
      Mar 2012
      Location
      Polesworth
      Posts
      242
      Thanks
      5
      Thanked 3 Times in 3 Posts

      Re: TeamViewer denies hack after PCs hijacked, PayPal accounts drained

      Of course they are going to deny any responsibility otherwise they open themselves up to all sorts of compensation claims. As it is you will have to PROVE that any loss you suffer is as a result of their negligence - that last word being the important one.

     

     

    Tags for this Thread

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •  
    SkyUser - Copyright © 2006-2020. SatDish and NewsreadeR | SkyUser is in no way affiliated with Sky Broadband / BSkyB
    RIPA NOTICE: NO CONSENT IS GIVEN FOR INTERCEPTION OF PAGE TRANSMISSION