HQ/EMEAFind out how we can help your business
AnyDesk, a prominent remote desktop software provider, has confirmed a cyber attack on its production systems discovered during a routine security audit. Notably, the German company emphasised that the incident was not a ransomware attack and promptly informed relevant authorities.
In response to the breach, the affected company took swift measures to enhance security. All security-related certificates have been revoked and affected systems have been either remediated or replaced where necessary. The company is set to replace its previous code signing certificate for binaries, prioritising the integrity of its software.
To ensure user security, AnyDesk has taken precautionary steps, revoking all passwords to its web portal, my.anydesk[.]com. It is advised for users to update their passwords, particularly if they are used on multiple online platforms. As an additional security measure, the company recommends downloading the latest version of its software, which features a new code signing certificate.
AnyDesk assures users no evidence of compromise amid a cyber attack.
Although the specific details of the breach, including the date and method, have not been disclosed, AnyDesk assures users that there is no evidence suggesting any compromise of end-user systems. The company remains focused on transparency and user safety.
Concerns arose earlier this week when it was reported that the company had been under maintenance since January 29, with the issue officially addressed on February 1. Notably, on January 24, users were alerted about “intermittent timeouts” and “service degradation” related to AnyDesk’s Customer Portal.
With a customer base exceeding 170,000, including major names like Amedes, AutoForm Engineering, LG Electronics, Samsung Electronics, Spidercam, and Thales, the cybersecurity incident has garnered attention. AnyDesk’s commitment to security and its swift response aims to reassure users and mitigate potential risks associated with the breach.
This disclosure closely follows Cloudflare’s report of a breach involving a suspected nation-state attacker using stolen credentials for unauthorised access. The attacker accessed Cloudflare’s Atlassian server, resulting in the exposure of some documentation and a limited amount of source code.
The concurrent incidents highlight the ongoing challenges organisations face in safeguarding their digital infrastructure against sophisticated cyber threats. Users are urged to stay vigilant, update their AnyDesk software, and reset passwords promptly to mitigate potential risks associated with the recent cyber attack.
