Teamviewer has been hacked--users please take precaution

Discussion in 'Computer Software and Operating Systems' started by Chary, Jun 2, 2016.

  1. Chary
    OP

    Chary Never sleeps

    pip Reporter
    GBAtemp Patron
    Chary is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    4,349
    14,324
    Oct 2, 2012
    United States
    It looks like there's been a security breach for popular remote control program Teamviewer. Reddit users on r/teamviewer have been reporting that their paypal information and passwords were stolen during random remote connections from hackers. If you use the program, be sure to check C:\Program Files\TeamViewer\Connections_incoming.txt to see who's been accessing your computer. I'd recommend that you uninstall Teamviewer at this time, just to ensure nothing bad happens.

    :!: Subreddit and discussion
     
    Vishnoo, ihaveamac, PokeAcer and 2 others like this.
  2. Frederica Bernkastel

    Frederica Bernkastel WebPerf and PWA advocate; @antoligy on Twitter

    Member
    GBAtemp Patron
    Frederica Bernkastel is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    3,154
    765
    Jan 31, 2008
    United Kingdom
    Hinamizawa
    Well, shit. Cheers for the heads up, this happens to be one of the only pieces of software I have installed on literally everything - this is goig to make for a "fun" evening!
     
    Tomato Hentai and Chary like this.
  3. daxtsu

    daxtsu GBAtemp Guru

    Member
    5,546
    3,952
    Jun 9, 2007
    Antarctica
    Chary likes this.
  4. FAST6191

    FAST6191 Techromancer

    pip Reporter
    23,493
    9,311
    Nov 21, 2005
    Hmm, I saw it had troubles connecting/generating numbers earlier today.

    Trying to think how many machines it might be installed on. An awful lot given it is a standard option I pick in ninite. Not sure what I want to do here, much less at 3am in my own time zone (it will be on machines in several more that I am variously responsible for).

    Tomorrow may be a busy day.
     
    daxtsu, Chary and Tomato Hentai like this.
  5. VinsCool

    VinsCool Comfortably Numb

    Member
    GBAtemp Patron
    VinsCool is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    11,844
    28,331
    Jan 7, 2014
    Canada
    Another World
    And this is why I don't use remote access softwares.
     
    cearp and driverdis like this.
  6. FAST6191

    FAST6191 Techromancer

    pip Reporter
    23,493
    9,311
    Nov 21, 2005
    It is possible to use such things somewhat safely, though I must confess I don't think I sandboxed any installs of this unless you count having them inside VMs for some things. Also after you have tried talking your elderly relatives through whatever operation they are trying to do this week over the phone (probably trivial for you, hard as you like trying to translate it and worse if things are not in alphabetical order because someone clicked and dragged or something) then you will begin to appreciate the sentiment behind the great album title "give me convenience or give me death".

    Reading around though it seems it might be people that have accounts rather than just numbers, not sure about simple unattended access. If it is just accounts then that makes my life easier -- I usually do not do any accounts so people have to phone me and tell me numbers as it gives them a false peace of mind (more than once I heard it is scary seeing the mouse move and files being opened or similar, yet my command line or SSH fun does not even register).

    Teamviewer PR also seem to be handling it very badly so there is at least the breakdown of what they have done there to look forward to.
     
    daxtsu likes this.
  7. Joom

    Joom  ❤❤❤

    Member
    4,030
    2,731
    Jan 8, 2016
    United States
    Aw fuck. This is why decentralized RATs are better. Albeit often used maliciously, I tend to use things like DarkComet and NetWire over TeamViewer (with user consent of course). And yes, TeamViewer is a RAT. It's just a commercial, benign one.
     
    VinsCool likes this.
  8. driverdis

    driverdis I am Justice

    Member
    2,402
    914
    Sep 21, 2011
    United States
    1.048596β
    This^
    I am usually at home anyway so Windows RDP or TightVNC are my goto apps for local remote access. I do not allow any sort of internet remote access softwares on my computers.
     
    VinsCool likes this.
  9. PokeAcer

    PokeAcer Banned

    Banned
    1,430
    1,061
    May 28, 2015
    United Kingdom
    Wales
    Oh fun, time to remove :/
     
  10. Luglige

    Luglige hiatus

    Member
    1,411
    1,543
    Jan 24, 2016
    Antarctica
    under your bed
    Oh no.
     
  11. cearp

    cearp the ticket master

    Member
    7,510
    4,744
    May 26, 2008
    Tuvalu
    ok yeah... but 'rat' is negative, without permission.
    teamviewer is with permission... so i wouldn't call it a 'rat'. (although sure, 'remote assisted tool' is correct)
     
  12. Luglige

    Luglige hiatus

    Member
    1,411
    1,543
    Jan 24, 2016
    Antarctica
    under your bed
    :P
     
  13. cearp

    cearp the ticket master

    Member
    7,510
    4,744
    May 26, 2008
    Tuvalu
    oops! thanks :)
     
  14. Luglige

    Luglige hiatus

    Member
    1,411
    1,543
    Jan 24, 2016
    Antarctica
    under your bed
    It's ok i'm kinda wrong to. It can be called a "Remote Access Tool" but I like administration because it sounds more legal for all the wrong doers.
     
    cearp likes this.
  15. Joom

    Joom  ❤❤❤

    Member
    4,030
    2,731
    Jan 8, 2016
    United States
    TeamViewer is a RAT in every sense of the definition. There are malicious VNC servers as well, but hey. Those intended for malicious purposes can still be used for legitimate purposes. They tend to work better than TV as well. :) Besides, I don't really care what my grandmother's passwords and keystrokes are.
     
  16. _v3

    _v3 GBAtemp Advanced Fan

    Member
    531
    264
    Oct 12, 2013
    Croatia
    Even users with 2FA got hacked, and yet the TV team negates that any breach occurred.
     
  17. Yoshimashin

    Yoshimashin Penguin Spy

    Member
    387
    30
    Aug 17, 2006
    United States
    Seattle, Washington
    This probably explains how both my Amazon and Ebay randomly purchased multiple $100 giftcards.

    As a precaution I removed this software, cleared my Chrome password log and unrooted my phone. Good to know I found the probable cause.


    Edit

    [​IMG]

    Yup.




    Goddammit.
     
    Last edited by Yoshimashin, Jun 3, 2016
  18. Pedeadstrian

    Pedeadstrian GBAtemp's Official frill-necked lizard.

    Member
    3,525
    1,564
    Oct 12, 2012
    United States
    Sandy Eggo
    Didn't Teamviewer get hacked weeks if not months ago? I remember reading about it. Kinda late for a precautionary post. Funny thing, I signed up for Teamviewer in 2010 and didn't get any mail from them other than for the initial email validation, but after reading about Teamviewer being hacked I've received four new contact requests, which were obviously people trying to hack my computer.
     
  19. DarkFlare69

    DarkFlare69 GBAtemp Psycho!

    Member
    4,710
    2,563
    Dec 8, 2014
    United States
    Ohio
    Good thing I don't have it installed on my PC, only on my phone.