Everything you need to know about the TeamViewer hack from Tech Talker.
This past week there have been a number of reports of TeamViewer getting hacked. I personally feel like magnitude and distribution of hacks has been getting worse. I’ve recommended the use of TeamViewer for helping friends and family with their technology from afar.
If you’re not familiar with TeamViewer, it’s a remote access tool that allows someone to remotely control your computer. It’s used by companies to administer remote technical support. It’s used by yours truly for helping friends and family, and it’s used for a number of other purposes such as screen recording, meetings, VPN access, and more. It’s an incredibly useful tool, and, as such, is a prime target for hackers—after all what could be better than hacking a program that allows remote access to your devices?
The Reddit thread
Last week (June 2016) the TeamViewer thread on Reddit exploded with news that users of TeamViewer were getting hacked, and having money stolen from active PayPal accounts. There were a ton of reports that users lost control of their mouse and keyboard, only to realize that a hacker was actively using their computer.
Naturally this would be a terrifying moment: to have control ripped away from you. Many users unplugged the cable, or turned off Wi-Fi to prevent anything from happening to their computer. Users complained that they had strong passwords and even multifactor authentication in place. However, I personally take many of these reports with a grain of salt. After all, Reddit is a public forum and there is virtually no way verify all of the claims presented.
That being said though, something happened. The sheer number of reports meant that something had taken place and many users were affected by it. These were also confirmed reports that TeamViewer’s website had gone down for an extended period of time on June 1st, 2016.
On June 1st, TeamViewer addressed its website going offline in a press release. They explained that they had been hit by a DDoS attack, which took down their service. However, they very explicitly said that there was no breach and that user information was safe.
TeamViewer attributed the hacked accounts to huge hacks of Myspace, LinkedIn, and Tumblr. The idea being that people who used the same password in multiple places also probably used that password for their TeamViewer account. This was not received well because there were a handful of reports of users who had mfa on (a password plus a text message or some other authentication), and had unique passwords from any other account.