A group of state-backed Chinese hackers allegedly breached German software company TeamViewer in 2016, according to a publication in Der Spiegel.
“In the fall of 2016, TeamViewer was the target of a attacks in cyberspace. Our systems detected the suspicious actions in time and thus any significant damage was avoided.”
A TeamViewer spokesman told ZDNet that the ensuing investigation found no significant data damage or loss.
A team of expert internal and external cyber investigators, working closely with the relevant authorities, successfully stopped the attack and using all available forensic tools found no evidence that customer data or other sensitive information had been stolen. The systems were not infected and the source codeof the TeamViewer application had not been stolen or abused in any way.
According to Der Spiegel, the hackers who broke into TeamViewer's network used Winnti, a backdoor trojan that is historically known to be in the arsenal of Beijing's state hackers.
The malware was first introduced in 2009 and was initially only used by a group of Chinese hacker, which security researchers at the time called the Winnti group.
However, this has changed in recent years when security researchers began to discover Winnti malware in various other attacks by many different Chinese groups.
"The assumption is that the same malware has been shared (or sold) to different groups," the Chronicle said. earlier this week.
This makes it impossible, at least for the time being, to know which of the (many) Chinese state-funded hacking groups was behind the invasion of TeamViewer.
______________________
- Patch Tuesday May KB4494441, KB4499167, KB4499179 & KB4499181
- Lenovo foldable PC: Presentation of the first foldable
- Microsoft vs Google: Why browsers' war does not focus on privacy
- Windows 10 20H1 ISO with Integrated Universal Search