TeamViewer, the company that makes a widely used remote access tool for businesses, has confirmed an ongoing cyberattack on its corporate network.
In a statement on FridayThe company attributed the compromise to government-backed hackers working for a Russian intelligence agency known as APT29 (and Midnight Blizzard).
The Germany-based company said its investigation so far has revealed an initial intrusion occurred on June 26 that was “linked to the credentials of a standard employee account within our corporate IT environment.”
TeamViewer said the cyberattack was limited to its corporate network and that the company keeps its internal networks and customer systems separate. The company said it has “no evidence that the threat actor gained access to our product environments or customer data.”
TeamViewer spokesperson Martina Dyer declined to answer a number of TechCrunch’s questions, including whether the company has the technical capability, such as logs, to track what data was accessed or extracted from its network.
TeamViewer is one of the more popular providers of remote access tools, offering its corporate clients – which include shipping giant DHL and beverage maker Coca-Cola, According to its website — To access other devices and computers via the Internet. Company The company says it has more than 600,000 paying customers And it allows remote access to more than 2.5 billion devices worldwide.
There is also TeamViewer Known to be abused by malicious hackers This can be used to remotely inject malware onto the victim’s device.
It is not known how the TeamViewer employee’s credibility was affected, and TeamViewer has not said anything about it.
The US government and security researchers have long linked APT29 to hackers working for Russia’s foreign intelligence service, the SVR. APT29 is one of the more persistent, well-resourced government-backed hacking groups, and is known for using simple but effective hacking techniques – including stealing passwords – to run long-running covert espionage campaigns that rely on stealing sensitive data.
TeamViewer is the latest tech company to be targeted by Russia’s SVR. The same group of state hackers breached Microsoft’s corporate network earlier this year. Stealing emails from top executives to find out what the hackers knew about the intrusionMicrosoft said Other tech companies compromised during the ongoing Russian espionage campaign, and US cybersecurity agency CISA confirmed Federal government emails hosted on Microsoft’s cloud were also stolen.
Months later, Microsoft said it was struggling to drive out hackers from its systemsHe described the operation as a “sustained, significant commitment” of “resources, coordination and focus” from the Russian government.
The US government also blamed Russia’s APT29 US software firm SolarWinds targeted for a 2019-2020 espionage campaignThe cyber attack involved mass hacking of US federal government agencies by planting a malicious backdoor hidden in SolarWinds’ key software. When the infected software update was pushed to SolarWinds customers, Russian hackers had access to every network running infected softwareThis includes the Department of Finance, the Department of Justice, and the Department of State.
Do you know more about the TeamViewer cyberattack? Contact us. To contact this reporter, contact +1 646-755-8849 on Signal and WhatsApp, or by email. You can also send files and documents via SecureDrop,
remote-access-giant-teamviewer-says-russian-spies-hacked-its-corporate-network-techcrunch
