A group of Chinese hackers which was supported by the state, allegedly violated the Germanic company of TeamViewer software in 2016, according to a Der Spiegel publication.
"In the fall of 2016, TeamViewer was the target of a cyber attack. "Our systems detected suspicious activity in a timely manner, thus avoiding any significant damage."
A TeamViewer spokesman told ZDNet that the ensuing investigation found no significant data damage or loss.
A team of expert internal and external cyber investigators, working closely with the relevant authorities, successfully stopped the attack and using all available forensic tools found no evidence that it had been stolen data customer or other sensitive information. The systems were not infected and the TeamViewer application source code was not stolen or abused in any way.
According to Der Spiegel, the hackers who broke into TeamViewer's network used Winnti, a backdoor trojan that is historically known to be in the arsenal of Beijing's state hackers.
The malware first appeared in 2009 and was initially used only by a group of Chinese hackers, whom security researchers at the time called the Winnti group.
However, this has changed in recent years when security researchers began to discover Winnti malware in various other attacks by many different Chinese groups.
"The assumption is that the same malware has been shared (or sold) to different groups," the Chronicle said. earlier this week.
This makes it impossible, at least for the time being, to know which of the (many) Chinese state-funded hacking groups was behind the invasion of TeamViewer.
______________________
- Patch Tuesday May KB4494441, KB4499167, KB4499179 & KB4499181
- Lenovo foldable PC: Presentation of the first foldable
- Microsoft vs Google: Why browsers' war does not focus on privacy
- Windows 10 20H1 ISO with Integrated Universal Search
