renownedRemote Desktop Softwarecompany AnyDesk announced on Friday that its production system was hit byNetwork attacksThe result is that some of thedata breach.
The German company said the incident was discovered during a security audit and was notRansomwareattack, they have notified the appropriate law enforcement authorities.
"We have revoked all security-related certificates and repaired or replaced them on affected systems," the company said in a statement. "We will soon revoke the program binary signatures previously used toCode Signing Certificates, and has begun replacing it with a new certificate."
Out of an abundance of caution, AnyDesk has also revoked all passwords for its web portal my.anydesk[.] com and urges users to change their passwords, especially those reused with other online services.
They also advise users to download the latest version of the software, which contains the new code-signing certificate.
AnyDesk did not disclose when and how its production system was breached. It is not clear at this timehackerwhether any information was stolen. However, they emphasized that there was no evidence that any end-user systems had been affected.
Earlier this week, BornCity's Günter Born revealed that AnyDesk has been under maintenance since January 29th. The issue was resolved on February 1st. Previously, on January 24, the company also alerted users to "intermittent timeouts" and "service degradation" issues with its customer portal.
AnyDesk has more than 170,000 customers, including Amedes, AutoForm Engineering, LG Electronics, Samsung Electronics, Spidercam and Thales.
此次披露距离 Cloudflare 遭到网络攻击仅一天之隔。据称,黑客使用被盗凭证未经授权访问了 Cloudflare 的 Atlassian 服务器,并最终获取了一些文档和少量源代码。
Original article by Chief Security Officer, if reproduced, please credit https://www.cncso.com/en/anydesk-was-hacked-and-user-data-leaked.html
