URGENT: AnyDesk Servers Hacked, Reset Passwords to Stay Secure

February 5, 2024
1 min read

TLDR:

  • AnyDesk, a remote access software company, has experienced a security breach, compromising its production systems.
  • Attackers are believed to have stolen source code and code signing certificates from AnyDesk.
  • The company has confirmed that the incident was not a ransomware attack and that there is no evidence of stolen private keys, tokens, or passwords.
  • AnyDesk has revoked all security-related certificates and systems, and plans to issue a new code signing certificate for binaries to ensure user security.
  • Passwords for the web portal have been revoked and authorities have been notified.

AnyDesk, a renowned remote access software company headquartered in Germany, has fallen victim to a security breach that has compromised its production systems. The company has confirmed the breach and stated that all security-related certificates have been revoked and affected systems have been remediated or replaced. Recent reports suggest that attackers stole source code and code signing certificates from AnyDesk, although the company has not officially confirmed this. However, AnyDesk has assured customers that the incident was not a ransomware attack. The investigation has shown no evidence of stolen private keys, tokens, or passwords that could be used to gain access to end-user devices. AnyDesk has taken swift action by revoking all security-related certificates and systems, and replacing or remediating affected systems. The company plans to issue a new code signing certificate for binaries to ensure user security. In an effort to protect against potential threats, all passwords for the web portal have been revoked. AnyDesk has also alerted the necessary authorities to the breach and is working with them to address the situation. The company assures users that it is safe to use AnyDesk, as long as the latest version with the new code signing certificate is used.

Latest from Blog

Samstealer: Stealing Sensitive Data Through Windows Systems

TLDR: Samstealer is actively attacking Windows systems to steal sensitive data. The malware targets browsers, applications, and cryptocurrency wallets to steal passwords and other information. Cybersecurity researchers at CYFIRMA have recently identified