A group of state-sponsored Chinese hackers reportedly breached the German one company software TeamViewer in 2016, according to a Der Spiegel publication.
“In the fall of 2016, TeamViewer was the target of a cyber attack. Our systems detected the suspicious actions in time and thus any major ones were avoided damage. "
A TeamViewer spokesman told ZDNet that the ensuing investigation found no significant data damage or loss.
A team of internal and external cyber investigators, working closely with the authorities, successfully stopped the attack and with all available forensic tools found no evidence that customer data or other sensitive information had been stolen. The systems were not infected and TeamViewer's source code was not stolen or compromised in any way.
According to Der Spiegel, the hackers who breached TeamViewer's network used Winnti, a backdoor cuts trojan historically known to be in the arsenal of Beijing's state hackers.
The malware first appeared in 2009 and was initially used only by a group of Chinese hackers, whom security researchers at the time called the Winnti group.
However, this has changed in recent years when security researchers began to discover Winnti malware in various other attacks by many different Chinese groups.
"The assumption is that the same malware has been shared (or sold) to different groups," the Chronicle said. earlier this week.
This makes it impossible, at least for the time being, to know which of the (many) Chinese state-funded hacking groups was behind the invasion of TeamViewer.
______________________
- Patch Tuesday May KB4494441, KB4499167, KB4499179 & KB4499181
- Lenovo foldable PC: Presentation of the first foldable
- Microsoft vs Google: Why browsers' war does not focus on privacy
- Windows 10 20H1 ISO with Integrated Universal Search