Distant desktop software program maker AnyDesk disclosed on Friday that it suffered a cyber assault that led to a compromise of its manufacturing techniques.
The German firm mentioned the incident, which it found following a safety audit, isn’t a ransomware assault and that it has notified related authorities.
“We now have revoked all security-related certificates and techniques have been remediated or changed the place mandatory,” the corporate mentioned in a press release. “We will likely be revoking the earlier code signing certificates for our binaries shortly and have already began changing it with a brand new one.”
Out of an abundance of warning, AnyDesk has additionally revoked all passwords to its internet portal, my.anydesk[.]com, and it is urging customers to vary their passwords if the identical passwords have been reused on different on-line providers.
It is also recommending that customers obtain the most recent model of the software program, which comes with a brand new code signing certificates.
AnyDesk didn’t disclose when and the way its manufacturing techniques have been breached. It is at the moment not recognized if any info was stolen following the hack. Nonetheless, it emphasised there isn’t any proof that any end-user techniques have been affected.
Earlier this week, Günter Born of BornCity disclosed that AnyDesk had been below upkeep since January 29. The problem was addressed on February 1. Beforehand, on January 24, the corporate additionally alerted customers of “intermittent timeouts” and “service degradation” with its Buyer Portal.
AnyDesk boasts over 170,000 clients, together with Amedes, AutoForm Engineering, LG Electronics, Samsung Electronics, Spidercam, and Thales.
The disclosure comes a day after Cloudflare mentioned it was breached by a suspected nation-state attacker utilizing stolen credentials to realize unauthorized entry to its Atlassian server and finally entry some documentation and a restricted quantity of supply code.
