TeamViewer Introduces Safety Features After Suffering A Massive Security Breach
By Paul Liu
Friday, December 9th, 2016
TeamViewer has introduced new safety features for its services after suffering a massive data breach in early June. The company’s Remote Desktop Service, one of the most popular remote desktop, web conferencing, desktop sharing and file transfer services on the web which is installed on over one billion devices; was recently used to hijack users’ computers as well as steal from their PayPal accounts. While the company initially denied that it was targeted, it did admit the breach later but insisted that the security of its services was never compromised.
On 1st June’ 2016, scores of TeamViewer users started posting complaints regarding hijacking of their computers and theft from their PayPal accounts. It is suspected that hackers were able to gain access to victims TeamViewer account details and used them to access their emails, empty their PayPal accounts as well as shop online. The most surprising part of the data breach was that the hack affected even those users who were using strong passwords or had enabled 2-Factor authentication for their TeamViewer accounts. To make the matters worse, TeamViewer suffered a major DDoS attack at the same time which knocked down its website for at least 3 hours. During the attack, even the company’s DNS systems fell offline which prevented hundreds of thousands of users from accessing their TeamViewer accounts.
While TeamViewer acknowledged the breach after few days, it chose to blame the use of weak passwords by its user community for the hack. The company’s officials said that large scale data theft from sites like LinkedIn, Tumblr and Myspace has provided hackers with a wealth of data that can be used to hack services like TeamViewer especially if the same credentials were being used across multiple websites. The company also disputed that the security of its 2-factor authentication system was compromised and insisted that the company’s security infrastructure was robust and impregnable. The company also advised users who had suffered a monetary loss to report the matter to the authorities.
In the aftermath of the security breach, TeamViewer has introduced two new features, Trusted Devices and Data Integrity; to protect user accounts. The Trusted Devices feature would force the users to validate their accounts before using TeamViewer’s services on a new device. As such, hackers would need access to both TeamViewer account details as well as users’ email accounts to carry out any attack. On the other hand, the Data Integrity feature will monitor users’ accounts for suspicious activities as well as force a password reset in case the security of an account gets compromised. Here again, hackers would need access to users’ email accounts before they would be able to compromise the security of their TeamViewer accounts.
While it is not yet clear whether the reuse of passwords was indeed the reason for the compromise of TeamViewer accounts, the episode clearly shows how the compromise of user credentials on one site can have a domino effect on other sites and services. As such, we advise our users to follow the best password practices and refrain from using their user credentials across multiple websites.