Distant desktop software program maker AnyDesk disclosed on Friday that it suffered a cyber assault that led to a compromise of its manufacturing programs.
The German firm mentioned the incident, which it found following a safety audit, isn’t a ransomware assault and that it has notified related authorities.
“We’ve got revoked all security-related certificates and programs have been remediated or changed the place vital,” the corporate mentioned in an announcement. “We might be revoking the earlier code signing certificates for our binaries shortly and have already began changing it with a brand new one.”
Out of an abundance of warning, AnyDesk has additionally revoked all passwords to its net portal, my.anydesk[.]com, and it is urging customers to vary their passwords if the identical passwords have been reused on different on-line companies.
It is also recommending that customers obtain the most recent model of the software program, which comes with a brand new code signing certificates.
AnyDesk didn’t disclose when and the way its manufacturing programs had been breached. It is at present not identified if any data was stolen following the hack. Nevertheless, it emphasised there isn’t any proof that any end-user programs have been affected.
Earlier this week, Günter Born of BornCity disclosed that AnyDesk had been underneath upkeep on January 29. The problem was addressed on February 1. Beforehand, on January 24, the corporate additionally alerted customers of “intermittent timeouts” and “service degradation” with its Buyer Portal.
AnyDesk boasts over 170,000 clients, together with Amedes, AutoForm Engineering, LG Electronics, Samsung Electronics, Spidercam, and Thales.
The disclosure comes a day after Cloudflare mentioned it was breached by a suspected nation-state attacker utilizing stolen credentials to realize unauthorized entry to its Atlassian server and finally entry some documentation and a restricted quantity of supply code.
