The German software company behind TeamViewer, one of the most popular software in the world that allows users to access and share their desktops remotely, was reportedly compromised in 2016, the German newspaper Der Spiegel revealed today.
TeamViewer is popular remote-support software that allows you to securely share your desktop or take full control of other’s PC over the Internet from anywhere in the world. With millions of users making use of its service, TeamViewer has always been a target of interest for attackers.
According to the publication, the cyber attack was launched by hackers with Chinese origin who used Winnti trojan malware, activities of which have previously been found linked to the Chinese state intelligence system.
Active since at least 2010, Winnti advanced persistent threat (APT) group has previously launched a series of financial attacks against software and gaming organizations primarily in the United States, Japan, and South Korea.
The group is known for using supply chain attacks by infecting legitimate software or servers with malicious updates to install malware on end-users’ systems.
Once infected, Winnti downloads a backdoor payload on the compromised computers giving attackers the ability to remotely control the victims’ computers without their knowledge.
Der Spiegel criticized TeamViewer company for not disclosing the intrusion to the public to inform its customers, many of which are using the targeted software in businesses.
However, when contacted the company, TeamViewer said it discovered the cyber attack “in time” soon after detecting suspicious activities and took immediate action to “prevent any major damage.”
TeamViewer also said both their team and the responsible authorities at that time found no evidence that customer data was stolen, or computer systems of its customers were infected.
It’s not clear if the incident is somehow linked to another hacking event happened in May 2016 when TeamViewer users claimed that hackers emptied their bank accounts by exploiting a flaw in the software.
However, in a press release published at that time, TeamViewer claimed that neither the company was hacked nor there was a security hole; instead, it blamed users for carelessly using the software.
We have reached out to the company and will share more information about the incident as soon as we hear back.