Connect with us

Hi, what are you looking for?


Endpoint Security

TeamViewer Denies Breach After Users Get Hacked

Many users have complained that their computers were accessed by hackers via the popular remote access and support tool TeamViewer, but the company says its systems have not been breached.

Many users have complained that their computers were accessed by hackers via the popular remote access and support tool TeamViewer, but the company says its systems have not been breached.

Users reported on Reddit that their computers were remotely accessed through TeamViewer by unauthorized parties who attempted to steal money from their PayPal accounts and purchase various items on eBay and other websites. The attackers are accessing victims’ accounts through their web browser, which is often configured to remember credentials for commonly used online services.

Many assumed that TeamViewer was either hacked or someone identified a serious vulnerability in the application. However, the vendor has ruled out both these scenarios, saying that the attackers are most likely leveraging leaked passwords and counting on the fact that many people use the same password across multiple websites.

Password reuse could be the cause of these attacks. Hackers recently leaked hundreds of millions of credentials stolen a few years ago from LinkedIn and Myspace, which has led to a surge in account takeover attempts. Reddit reported last week that it had reset the passwords of 100,000 users over a two-week period after detecting unauthorized access.

“TeamViewer is safe to use, because TeamViewer has proper security measures in place including end-to-end encryption to prevent man-in-the-middle attacks, anti-brute-force means, and more,” TeamViewer said in a statement.

Advertisement. Scroll to continue reading.

“Unfortunately, users are still using the same password across multiple user accounts with various suppliers. While many suppliers have proper security means in place, others are vulnerable. The latter ones tend to be targeted by professional data thieves,” the company added. “As TeamViewer is a widely spread software, many online criminals attempt to log in with the data gained from compromised accounts (obtained via the aforementioned vulnerable sources), in order to discover whether there is a corresponding TeamViewer account with the same credentials.”

TeamViewer has advised users to set strong, unique passwords and enable two-factor authentication (2FA) on their accounts. However, a handful of users have reported getting hacked via TeamViewer even with 2FA enabled. On the other hand, some have confirmed that their passwords were exposed in the recent Myspace and LinkedIn leaks.

TeamViewer also experienced a service outage on Wednesday and some users assumed it might be somehow related to the attacks. However, in a statement sent to SecurityWeek, the company clarified that the outage was caused by a DDoS attack aimed at the company’s DNS servers and it has nothing to do with computers getting hacked.

It’s not uncommon for malicious actors to use TeamViewer in their operations. The remote access tool has been used over the past years by both APT actors in cyber espionage operations and profit-driven cybercriminals. Researchers reported last week that a backdoor has been abusing TeamViewer to load a malicious library on infected devices.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.

CISO Strategy

Varied viewpoints as related security concepts take on similar traits create substantial confusion among security teams trying to evaluate and purchase security technologies.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Endpoint Security

The Zero Day Dilemma

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Endpoint Security

When establishing visibility and security controls across endpoints, security professionals need to understand that each endpoint bears some or all responsibility for its own...

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...