Jun 29, 2024
Attacks, Hacking, Intrusion, Threats, News, RSS, Technology, Vulnerability
TeamViewer It is a software known for facilitating remote access to over 2.5 billion devices worldwide.
Its technology has often been exploited by malicious hackers to plant malware on victims' devices. This time, however, it has itself been the victim of the attentions of malicious people, as the company that produces it has revealed a cyber attack underway against your company network.
According to a statement released on Friday, the compromise has been attributed to Russian government-backed hackers known as APT29 o Midnight Blizzard.
The German company specified that the intrusion began on June 26taking advantage of the credentials of an employee's standard account within the corporate IT environment.
TeamViewer reassured that the attack was confined to the company networkkeeping the internal network and customer systems separate. So far, there is no evidence that the threat actor has accessed the product environment or customer data.
TeamViewer spokeswoman Martina Dier did not clarify the company’s ability to determine what data, if any, was accessed or exfiltrated, or how the TeamViewer employee’s credentials were compromised.
APT29, connected to the Russian foreign intelligence service SVRis known for its simple yet effective hacking techniques, such as password stealing, to conduct stealthy and sustained espionage campaigns.
The intrusion, which is still ongoing, began on June 26 by exploiting an employee's standard account credentials.
Recently, the Russian SVR has targeted several technology companies, including Microsoft, compromising its corporate network and stealing executives' emails to understand what was known about the hackers themselves.
The Russian espionage campaign has also affected other technology companies, and the US cybersecurity agency, CISA, confirmed the theft of federal government emails hosted on Microsoft's cloud.
Even months later, Microsoft continues to struggle to rid its systems of hackers, calling the ongoing campaign “a significant commitment of Russian government resources and coordination“.
Russia's APT29 was also found responsible for the 2019-2020 espionage campaign against the software company SolarWinds.
On that occasion, the attack involved a massive hack of US federal government agencies via a malicious backdoor in SolarWinds' eponymous software. This allowed Russian hackers to access numerous government networksincluding the Treasury, the Department of Justice, and the Department of State.
- APT29, hacker attack, CISA, cybersicurezza, Microsoft, Midnight Blizzard, SolarWinds, SVR, TeamViewer
GIPHY App Key not set. Please check settings