TeamViewer, known by the popular remote access software, was the victim of a DDoS attack on Wednesday, June 1. The remote connection service stopped working due to the attack.
Since then, several complaints have been reported on social networking sites like Twitter and the Reddit by people who claim that their devices used by TeamViewer were violated.
Specifically, the complaints state that unauthorized remotes were observed connections και άλλοι ισχυρίζονται ότι ο computerwere hacked, despite two-factor authentication and that attackers were able to steal money from PayPal and other services.
TeamViewer denies that their systems have been violated and that DNS issues caused by DDoS attack are not related in any way to user claims.
However, the allegations of users reporting violations in their systems need further investigation as using TeamViewer for remote connection, attackers gain access to what the user can see, that is, as if they were using the system locally.
This includes opening programs, downloading files from the Internet, accessing web pages, saved codeaccess and other data that may not be protected locally.
What you can do if you use TeamViewer
The first thing you need to do is check the logs that show who and when it was connected:
Windows: εάν τρέχετε την full εφαρμογή επιλέξτε Extras - Open Log Files.
Windows: αν τρέχετε την έκδοση Quick Support, κάντε click στο σύμβολο του εργαλείου στην επάνω δεξιά γωνία και επιλέξτε Open Logfiles.
Linux: run as root the teamviewer -ziplog command
The archives καταγραφής (log files) για Windows αποθηκεύονται στον κατάλογο του προγράμματος, και συνήθως διατηρούνται ακόμα και αν αφαιρέσετε το πρόγραμμα από τη συσκευή.
Check the logs and if you notice any violation, immediately change all the passwords you use. Check your accounts and your account history, if any, by paying special attention to accounts on money-related websites such as PayPal or Amazon.
If TeamViewer runs on your devices, make sure that at least your device is not left unattended for the time being.