Jump to content

TeamViewer denies hack after PCs hijacked, PayPal accounts drained


Firefox
 Share

Recommended Posts

Accounts with strong password and 2FA enabled breached? Either there was a breach, or there's a 0-day vuln. going around for  Teamviewer. You really can't bypass these "easily".

Link to post
Share on other sites

This has been going on for a while now, a few weeks I believe. Teamviewer completely denies that anything is wrong. :(

Quote

 

TeamViewer has yet to leave a comment on the issue that's not in complete denial of the problem.

Users are reporting breaches, and thousands of dollars have been stolen with the client, all over /r/teamviewer and at their support Twitter account. TV is blaming users with reusing passwords, yet users with 2FA and unique very long generated passwords were hacked.

Some also suggest that their DNS servers were hijacked and the clients believed the fake server, being the method of the attack.

One of the main problems are that they are not taking responsibility: (quoted from /u/rich-uk)

Teamviewer is being used as a vector of attack. This has happened on other sites where they had no critical information and within 48 hours everyone's logged in sessions were logged out, an email went round saying you had to click the link in the email (to verify ownership) and set up two factor auth as they knew they were being targeted. Teamviewer must know they are being targeted, and the stakes are high as the software allows complete access to a trusted machine - it's basically a master key - and there hasn't been a single response with teeth from teamviewer.

A few links:

[canned replies] [in case they take them down]

 

Some support:

Alternatives:

Name Free or Paid Trial available Aimed at Home or Enterprise users Open Source For Unattended Remote Desktop or Remote Assistance Notes
LogMeIn Paid Yes Enterprise No Both Now non-free, and had a bad reputation since "Microsoft Support" phone scammers used it. Some suggest that a long time ago it had bad support.
Chrome Remote Desktop Free -- Home The browser part of it Both Needs Chrome to be running?
Remmina Free -- Both Yes Unattended RD Linux and Unix only.
RealVNC Paid and Free* Yes Both Current version is not Unattended RD *Free only for non-commercial use.
TightVNC Free -- Both Yes* Unattended RD *Source code for commercial use requires a license
UltraVNC Free -- Both Yes* Unattended RD ultravnc.com is not their site, squatted by RealVNC. *Sourceforge link
MS Remote Desktop Connection Free* -- Enterprise No Unattended RD** Windows built-in. *Home versions of Windows only connect to other machines, not connected to. **Disables the computer from being used while an RD connection is running. The user may interrupt it.
GotoMyPC Paid Yes Enterprise No Unattended RD --
ScreenConnect Paid Yes Enterprise No Both --
Bomgar Paid Yes Enterprise No Both --
Ammyy Admin Paid and Free* No Both No Unattended RD Also had a bad reputation for tech support scammers using it. *Free for non-commercial use.
AnyDesk Paid and Free* No Both No Unattended RD --
Jump Desktop Paid No Enterprise No Unattended RD Only an RDP+VNC client, needs a server. Android, OSX, iOS only.
NoMachine Paid and Free* Yes Both No Unattended RD *Free for non-commercial use. Licensing is per CPU-cores.
SplashTop Paid and Free* Yes Both No Both *Free for non-commercial use.

Notes:
Apps that I listed as non-open source may have open source components.
Other remote desktop software on Wikipedia

Edit nth: Added some more alternatives, adblock warning at UVNC, also thanks for the gold kind stranger!
Edit nth+1: TV looks like now threatening publications and writers.
Edit nth+2: Thanks for the second gold, kind anonymous stranger! Added a comparison page suggested in the comments. Also added an another TV reply.
Edit nth+3: Have had an another alternative suggested. Three gildings, thank you!
Edit nth+4: I got some PMs that suspiciously sounded like advertisements, I only added only the bigger alternatives. Added some details on alternatives, tell me if I got anything wrong. Added lots of snapshots in case someone takes the originals down. Thanks for everyone's support!
Edit nth+5: Added some links for help.

 

https://www.reddit.com/r/technology/comments/4m7ay6/teamviewer_has_been_hacked_they_are_denying/

Link to post
Share on other sites

From what I can see, SplashTop seems to be the best alternative to TeamViewer. A lot of people seems to be using it. RealVNC and TightVNC are also good alternatives.

I would not trust Ammyy at all.

Link to post
Share on other sites

  • Root Admin

Real and Tight (unless they've really changed) are resource hogs, slow, and not even close to being as capable as TeamViewer. Have used quite a few over the years and TV has been one of the best. Not sure what the real issue is but since we don't use it for any type of always on connections it should not be an issue for my use

 

 

Link to post
Share on other sites

  • 1 month later...
  • 3 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.