RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2

AnyDеsk

Company

width=200px

Content

The flagship product of AnyDesk is the software of the same name - a tool for remote administration, which is popular with both corporate users and cybercriminals. With its help, you can remotely connect to almost any computer and perform all the necessary actions in its interface.

History

2024: The developer of the popular remote work tool AnyDesk has been hacked. Accounts sold at Darkweb

In early February 2024, AnyDesk published information[1] about a security incident that occurred in mid-January and affected two of its European servers. It is alleged that the attackers managed to penetrate the company's production system and steal the source codes of the product, security certificates and user credentials. Experts from CrowdStrike, which represents incident investigation services, are involved in the investigation.

According to the company itself, it has more than 170 thousand customers, including 7-Eleven, Comcast,, Samsung MIT,,, the Nvidia Siemens UN and many others, but the current incident, according to the security service, affected only European infrastructure and should not affect work in other parts of the world.

According to AnyDesk, in late January - early February, technical work was carried out to replace software signature key certificates and release new versions of AnyDesk with new signature keys. At this time, users may have noticed interruptions in the company's software.

File:Aquote1.png
We have revoked all certificates related to safety, - was indicated in a message on the AnyDesk website based on the results of technical work. - Systems have been fixed or replaced where necessary. In the near future, we will cancel the previous code signing certificate for our binaries and have already begun to replace it with a new one. Our systems are not designed to store private keys, security tokens, or passwords that can be used to connect to end-user devices. As a precaution, we recall all passwords to our web portal, my.anydesk.com we recommend that users change their passwords if the same credentials are used elsewhere.
File:Aquote2.png

[1]At the same time, according to the[2] of the Telegram channel "Information Leaks," login data for the portal for 18.317 users of the product is sold for $15 thousand, but their value is minimal, since the company has forcibly reset passwords for all its users.

Message about the sale of the AnyDask database (provided by the Telegram channel "Information Leaks")

The source codes of the product may be more valuable for attackers, the analysis of which can lead to the detection of vulnerabilities in the installed software and the protocols used, which in the future can lead to massive automated attacks on users. Since the likelihood of detecting unpublished vulnerabilities (Zero Day) and external attacks increases, it is recommended to abandon the legal use of the product and switch to analogues, including Russian ones, of which there are enough.

Notes