Everything You Need to Know About the TeamViewer Hack
Everything you need to know about the TeamViewer hack from Tech Talker.
This past week there have been a number of reports of TeamViewer getting hacked. I personally feel like magnitude and distribution of hacks has been getting worse. I’ve recommended the use of TeamViewer for helping friends and family with their technology from afar.
If you’re not familiar with TeamViewer, it’s a remote access tool that allows someone to remotely control your computer. It’s used by companies to administer remote technical support. It’s used by yours truly for helping friends and family, and it’s used for a number of other purposes such as screen recording, meetings, VPN access, and more. It’s an incredibly useful tool, and, as such, is a prime target for hackers—after all what could be better than hacking a program that allows remote access to your devices?
The Reddit thread
Last week (June 2016) the TeamViewer thread on Reddit exploded with news that users of TeamViewer were getting hacked, and having money stolen from active PayPal accounts. There were a ton of reports that users lost control of their mouse and keyboard, only to realize that a hacker was actively using their computer.
Naturally this would be a terrifying moment: to have control ripped away from you. Many users unplugged the cable, or turned off Wi-Fi to prevent anything from happening to their computer. Users complained that they had strong passwords and even multifactor authentication in place. However, I personally take many of these reports with a grain of salt. After all, Reddit is a public forum and there is virtually no way verify all of the claims presented.
That being said though, something happened. The sheer number of reports meant that something had taken place and many users were affected by it. These were also confirmed reports that TeamViewer’s website had gone down for an extended period of time on June 1st, 2016.
TeamViewer’s Response
On June 1st, TeamViewer addressed its website going offline in a press release. They explained that they had been hit by a DDoS attack, which took down their service. However, they very explicitly said that there was no breach and that user information was safe.
TeamViewer attributed the hacked accounts to huge hacks of Myspace, LinkedIn, and Tumblr. The idea being that people who used the same password in multiple places also probably used that password for their TeamViewer account. This was not received well because there were a handful of reports of users who had mfa on (a password plus a text message or some other authentication), and had unique passwords from any other account.
What Happened?
On June 6th, TeamViewer was interviewed by Ars Technica with a ton of hard to answer questions. All signs so far point to the fact that users were using hacked passwords from other hacked websites. The other claims of hacked accounts with unique passwords have not been proven, and TeamViewer would like anyone who suspects they’ve been hacked to submit a ticket to them so that they can examine your log files. These log files are exactly what they sound like, they are a record of when and how your computer was accessed. TeamViewer can use these log files to see who was accessing your computer with its service.
What Did the Hackers Do?
The hackers once on a computer running TeamViewer would take control of the mouse and screen and would look for sensitive files, and search email account for the word ‘PayPal’, there have been users claiming that their PayPal accounts had been drained, and even that malware was installed on their computer.
What Should You Do?
So what should you do if you’re running TeamViewer? If you’re not using it frequently, or it would not impact you in the short term to have it, I would simply uninstall it. I say this because it is a guaranteed way to make sure no one uses it against you.
If you still need to have TeamViewer running but are extremely nervous (rightly so), there are still some things you can do to strengthen your TeamViewer account. You should absolutely go into your account now and change your password to something long, complicated, and unique. You should also enable two factor authentication, or multifactor authentication, this means when you log into your account it will ask you for another number, or send you a text message.
How to Geek also has a great article on ways to strengthen your TeamViewer settings, which digs down into the nitty gritty.
In the mean time for myself personally, I uninstalled TeamViewer from any computer that didn’t need it. For computers that required it, I locked down all of the security settings, and I put a password on the main lock screen of the computer. This means that even if someone remoted into a computer I wasn’t on that they would be presented with a lock screen and would still need that password to continue. It’s sad that we need to go through these steps to just be secure but it’s always a good reminder that we should be using secure, unique passwords, and where possible use multifactor authentication.
Be sure to check out all my earlier episodes at techtalker.quickanddirtytips.com. And if you have further questions about this podcast or want to make a suggestion for a future episode, post them on Visit QDT Tech Talker on Facebook
.
Until next time, I’m the Tech Talker, keeping technology simple!
You May Also Like…
About the Author
Tech Talker demystifies technology and cutting edge devices so that even the most tech illiterate can understand what’s going on with their computer or gadget — and what to do when something goes wrong.
