[News] PSA: TeamViewer is being hacked

[chinajade]

In this forum, we use TeamViewer a lot to help others out.

FYI...
You should be aware of this article:

TeamViewer users claim accounts hacked, Service goes offline with server issues​

We've already had a member report "my TV Account is flooded with requests although my account isn't public". (From someone we know to be VERY careful and watchful of their computer.)

Be aware that the TeamViewer Id is just a number which can easily be given to others. People can and do link it in IIRC. The number can be used to see if the remote location is active or not.

Given this environment, it is best to:

• NOT install TeamViewer server (i.e., 'as a service').
  
  
• Only launch TeamViewer 'on demand'.
  You should make pre-arrangements for remote assistance through another channel (forum PM, or private Discord or Skype). KNOW with whom you are communicating—it is not difficult to spoof others here, also.
  
  
• WATCH what the person is doing with your computer.
  If they install an 'app', make certain it comes from the authoritative source, and understand what the app does. I.e., nobody should be installing ChromePass on your machine.
  Also, verify the source is trusted. Its easy to infect a 'well known' app, and install it from a third-party download source.
  
  
• Remember to terminate the TeamViewer application as soon as the session completes.
  
  
• Best to change your TeamViewer password each time someone completes the session.

cheers & be safe,
chinajade

 

[Sneeds44]

nice to know but i never allow public customer here to teamviewer my pc anyways

 

[plzdontban]

So TeamViewer itself is breached and unsafe? Or careless users? Or just people tricked into accepting unknown contacts on their whitelist?

 

[Owneth]

So TeamViewer itself is breached and unsafe? Or careless users? Or just people tricked into accepting unknown contacts on their whitelist?

/\ the last one more than anything. Trusted sources are trusted sources. But if someone installs and enables anytime access it could be a problem. No pro would ever do that. It's a PSA and very clearly drawn out above.

 

[Aion]

My TV account got hacked too - like month ago or so. I "cured" it by deleting the account, then made fresh/dummy one under the same email.

And guess what, I still receive "invitations" from strangers there.

While checking the login attempt records off the TV site, it seems they got my TV credentials months ago - late Feb or early Mar 2016.

Thankfully all but just one of the computers in my TV account had personal password for access, so CN and KR IP address geolocated intruders took into this one computer for ~9 minutes only.

Out of the logs, I was able to confirm, that they attempted to login in ebay/paypal/skrill and successfully login into the PP and Ebay, but since I had no linked valid CC on those, no harm was made. After 48 hours of extensive keylog/trojan scans on the computer with various of tools, no malisious stuff was left on the computer.

On a side note, the computer had 6-7 WoW bots, running at the same time, so they were having bad time checking for stuff, while the WoWs were streaming content to them

 

[Thecamel]

https://www.teamviewer.com/en/company/press/statement-on-service-outage/

There is no security concern with TeamViewer its self.

Account management and poor security practices.

I have 1323 Host TV installs through out my client base + plus a whole heap more for mates/family's.

I rotate my TV accounts password every week and is only installed on my surface I have in my possession at all times- I have the web-portal disabled on my account and can on be accessed by my static IP at my workplace- I need to VPN into my office to use TV..

anything less would be un professional.

People have got slack with TV... ive seen it installed on PC's with passwords such as 12345678...

 

[Aion]

People tend to be careless since ages, so there is compromised accounts every day, but having a wave of compromises out of nothing is different stuff.