spot_img

AnyDesk’s Production Server Compromised

In a recent statement, AnyDesk acknowledged a cybersecurity incident that compromised the company’s production servers.

“We first learned of the attack after detecting indications of an incident on our production servers,” AnyDesk conveyed to BleepingComputer, highlighting the seriousness with which they approached the initial signs of the breach.

The breach resulted in unauthorized access, leading in the theft of valuable assets such as source code and private code signing keys. This incident has sparked concerns due to AnyDesk’s widespread use in the enterprise sector for remote access services, as well as its unintended utilization by threat actors to retain access to compromised devices.

Given AnyDesk’s extensive client roster, which includes major names like 7-Eleven, Comcast, Samsung, and the United Nations, the ramifications of this breach are extensive. Taking prompt action, AnyDesk undertook a comprehensive security audit in partnership with CrowdStrike to evaluate and address the extent of the damage.

Addressing the breach’s aftermath, AnyDesk reassured users of the software’s safety: “We can confirm that the situation is under control and it is safe to use AnyDesk. Please ensure that you are using the latest version, with the new code signing certificate,” ensuring customers about the measures taken to secure the platform post-incident.

As a proactive measure, AnyDesk has reset all passwords for their web portal as a precautionary step and encouraged users to follow suit, particularly if they use similar passwords elsewhere. This action underscores the company’s dedication to user security and confidence.

In response to the breach, AnyDesk released version 8.0.8 of their software, integrating a new code signing certificate to ensure the application’s integrity. This action, crucial for upholding user trust and security, demonstrates AnyDesk’s commitment to promptly addressing and remedying the security weaknesses highlighted by the cyberattack.

Disclaimer: The views expressed in this feature article are of the author. This is not meant to be an advisory to purchase or invest in products, services or solutions of a particular type or, those promoted and sold by a particular company, their legal subsidiary in India or their channel partners. No warranty or any other liability is either expressed or implied.
Reproduction or Copying in part or whole is not permitted unless approved by author.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles

Sign Up for CXO Digital Pulse Newsletters

Sign Up for CXO Digital Pulse Newsletters to Download the Research Report

Sign Up for CXO Digital Pulse Newsletters to Download the Coffee Table Book

Sign Up for CXO Digital Pulse Newsletters to Download the Vision 2023 Research Report

Download 8 Key Insights for Manufacturing for 2023 Report

Sign Up for CISO Handbook 2023

Download India’s Cybersecurity Outlook 2023 Report