AnyDesk confirms cyber attack: external desktop company revokes certificates if hackers infiltrate systems
AnyDesk has confirmed that it suffered a cyber attack that allowed hackers to compromise production systems.
In a press release published on the company’s website, the remote access provider said it noticed the attack after seeing “indications of an incident” in some of its systems. Subsequent investigation revealed a compromise in the company’s production systems, the company said.
While AnyDesk did not say who the attackers were or what they were after, it did say the incident was not related to ransomware. In an effort to secure the infrastructure, AnyDesk has revoked all security-related certificates and repaired or replaced other systems where necessary.
Source code stolen
“We will soon revoke the previous code signing certificate for our binaries and have already started replacing it with a new certificate,” the company statement said.
AnyDesk also assured its users that they are safe, noting: “Our systems are designed not to store private keys, security tokens or passwords that could be misused to connect to end-user devices,” the press release said.
Still, in an abundance of caution, AnyDesk has revoked all passwords for its web portal, the my.anydesk.com site, and recommended users change their passwords if they use the same login credentials elsewhere.
The company will not say what type of data the hackers stole. BleepingComputer, on the other hand, reports that the attackers obtained both source code and private code signing keys. The same publication claims that the attack started on January 29 and lasted for four days, during which the company was forced to block people from accessing the AnyDesk client.
That being said, users are strongly advised to immediately switch to the new version of the AnyDesk software and change their passwords.
AnyDesk is a popular remote access solution used by the likes of Samsung and Nvidia. It says there is currently no evidence that end-user devices have been affected and that the platform is safe to use.