TeamViewer Remote Access Customers Hacked

John Lister's picture

Management at TeamViewer, a remote access computer tool, have confirmed that a "significant number" of users have fallen prey to hackers. However, the company insists that all evidence suggests that there is no flaw in the system, but is instead pointing fingers at its users.

TeamViewer allows users to login to a remote computer (even their own) from anywhere with an Internet connection. Once connected, users can operate the computer just as if they had physical access to the machine.

The security for the system works in two ways: first, users get a reference number that identifies their particular computer, rather than using an email address or user name. Secondly, a password is issued to match the reference number in order to gain access to the system.

Multi-Machine Accounts Could be the Cause

There's also a second method, which is to set up an account that covers multiple machines - something that's more commonly used by businesses. Rather than an identification number for the machine, the TeamViewer account uses an email address and password for authentication. Anyone who has access to these details can access any of the machines covered by the account.

TeamViewer is adamant that the hacking is the result of people getting hold of account email addresses and passwords, and notes that the breaches came right after a range of databases of old email/password combinations from other high-profile sites became public. Spokesman Axel Schmidt believes it's likely people reusing passwords across different sites is a major factor in this situation. (Source: arstechnica.com)

Two Factor Authentication in Dispute

Some say that they were hacked by TeamViewer despite having two-factor authentication switched on, meaning that the owner of the remote computer should have received a text message with a confirmation code whenever someone is requesting to login to the machine from a new location. Schmidt says he's found no evidence this is the case, and claims that so far no one has prepared to pass over log files that could help the company investigate the issue.

Financial Accounts Reportedly Drained

It appears the hackers have mainly been using their unauthorized access to the victims' computers to attempt to log in to financial accounts and siphon away money, or use services such as the iTunes Store to buy digital gift cards and voucher codes which they can sell on the black market. These attacks usually only work where the user has the relevant site password stored in their browser's auto-fill feature or a password manager. (Source: observer.com)

What's Your Opinion?

Do you think TeamViewer is right to blame the issue on poor personal security practices? Would you ever use a remote access tool or does the security risk outweigh the convenience? If somebody got access to your PC, could they access sensitive websites using the auto-fill feature - or do you always manually type in the relevant passwords?

Rate this article: 
Average: 5 (5 votes)

Comments

Dennis Faas's picture

Remote access is safe if it is configured properly and updated regularly. I personally don't use TeamViewer, but instead use either TightVNC or Windows Remote Desktop - both of which are configured to only allow connections from specific IP addresses (subnets), and then are password protected with strong passwords. In most cases I will use a virtual private network to connect to a remote machine whenever possible, though if the VPN is down you will need an alternate method - which is why restricting access by subnet is very important.

guitardogg's picture

I have been using Teamviewer for many years now, both in the enterprise and at home, and I love it. I've never had any problems. Always use the 2-factor method, and never the email logon.

eric's picture

Of course poor user practices are to blame.
That being said, for my friends and family and customers, I place Teamviewer *portable* on their hard drive. I don't even make a shortcut to it. If they need remote support, I tell them where to access it, but I don't want the service always running on their PCs.
While I find it unlikely that the hacks mentioned here are really the fault of the Teamviewer software, I don't leave any doors open that I don't have to.

Sem Jobs's picture

A lot of remote control software has such problem, becouse it is tools for remote access. Security should be given much attention. I use LiteManager intead of TeamViewer because it is free for business use and all password data is stored on my local PC in local network.