In a recent statement, AnyDesk acknowledged a cybersecurity incident that compromised the company’s production servers.
“We first learned of the attack after detecting indications of an incident on our production servers,” AnyDesk conveyed to BleepingComputer, highlighting the seriousness with which they approached the initial signs of the breach.
The breach resulted in unauthorized access, leading in the theft of valuable assets such as source code and private code signing keys. This incident has sparked concerns due to AnyDesk’s widespread use in the enterprise sector for remote access services, as well as its unintended utilization by threat actors to retain access to compromised devices.
Given AnyDesk’s extensive client roster, which includes major names like 7-Eleven, Comcast, Samsung, and the United Nations, the ramifications of this breach are extensive. Taking prompt action, AnyDesk undertook a comprehensive security audit in partnership with CrowdStrike to evaluate and address the extent of the damage.
Addressing the breach’s aftermath, AnyDesk reassured users of the software’s safety: “We can confirm that the situation is under control and it is safe to use AnyDesk. Please ensure that you are using the latest version, with the new code signing certificate,” ensuring customers about the measures taken to secure the platform post-incident.
As a proactive measure, AnyDesk has reset all passwords for their web portal as a precautionary step and encouraged users to follow suit, particularly if they use similar passwords elsewhere. This action underscores the company’s dedication to user security and confidence.
In response to the breach, AnyDesk released version 8.0.8 of their software, integrating a new code signing certificate to ensure the application’s integrity. This action, crucial for upholding user trust and security, demonstrates AnyDesk’s commitment to promptly addressing and remedying the security weaknesses highlighted by the cyberattack.