Over the past few months, the users of teamviewer, a remote access service have been discussing their experience of being ransacked by attackers, who somehow gained access to their accounts. In many of the cases, online thefts reportedly drained user’s PayPal and other bank accounts. No one knows the exact number of accounts being hacked yet, but there’s no denying that the Teamviewer is breached.
For more than a month, many social media sites and blogs have received such numerous reports. Many often claimed that the intrusions are the reason for this failure, which has an effect on many others.
The attacker did transactions and shopped online using user’s PayPal and bank details, many caught this and rolled back the transactions but many left helpless. Nick Bradley the Security Researcher at IBM reported his experience, “In the middle of my gaming session, I lose control of my mouse and the Teamviewer window pops up in the bottom right corner of my screen, As soon as I realize what is happening, I kill the application. Then it dawns on me: I have other machines running Team Viewer!”
“I run downstairs where another computer is still up and running. Lo and behold, the Teamviewer window shows up. Before I am able to kill it, the attacker opens a browser window and attempts to go to a new web page. As soon as I reach the machine, I revoke control and close the app. I immediately go to the Team Viewer website and changed my password while also enabling two-factor authentication. Lucky for me, those were the only two machines that were still powered on with Team Viewer installed. Also lucky for me is the fact that I was there when it occurred. Had I not been there to thwart the attack, who knows what would have been accomplished. Instead of discussing how I almost got hacked, I’d be talking about the serious implications of my personal data leak.”
The threat is that if personal data or bank transaction is performed without being noticed then who is responsible for their losses. That made the users of Teamviewer insecure and creates a bad impression on them.
These statements made Teamviewer to announce two measures to introduce in response to the huge number of reported hijacking. The first measure “Trusted Devices”, ensure that the account holder must explicitly confirm that the new device is trusted before access is granted to existing accounts for the first time.
The second measure is “Data Integrity” which provides automatic examine that detects when an account goes hacked. “The system determines continuously if your Teamviewer account shows unusual behavior (e.g. access from a new location) that might suggest it has been compromised,” said Axel Schmidt the spokesperson of Team Viewer.