AnyDesk Hacked: Revokes Passwords, Certificates in Response


February 5, 2024 at 06:06PM

AnyDesk Software, the German developer of remote access software, experienced a security breach. The company initiated a security audit after detecting suspicious activity and found that their production systems were compromised. AnyDesk has taken measures to secure its systems and has engaged CrowdStrike for investigation. Cybersecurity firm Resecurity reported the sale of credentials from the breach.

AnyDesk, the popular remote access software developer based in Germany, suffered a significant security breach. The breach was discovered during a security audit triggered by suspicious activity, leading the company to acknowledge that its production systems were compromised. Despite limited information about the nature of the attack, AnyDesk clarified that it was not related to ransomware.

In response, the company took several measures to address the breach, including revoking security-related certificates, remediating or replacing affected systems, and planning to replace the previous code signing certificate for its binaries with a new one. Furthermore, as a precaution, all passwords to the web portal were revoked, and users were advised to change their passwords if the same credentials were used elsewhere.

AnyDesk engaged CrowdStrike to assist with investigating and remediating the incident while also alerting the authorities. Despite expressing confidence in the safety of their software, the company urged customers to ensure they were using the most recent version with the new code signing certificate.

This brief description suggests a potential supply chain attack, which can have severe consequences, allowing threat actors to deliver trojanized software to the victim’s customers. Additionally, it was reported that an individual offered to sell the credentials of over 18,000 AnyDesk customers on a cybercrime forum for $15,000 in cryptocurrency. These credentials were allegedly obtained through information-stealer malware that had compromised AnyDesk users’ systems.

