AnyDesk, an enterprise remote software platform used by major firms including Raytheon and Samsung, suffered a security breach - here’s what you need to know

Warning icon on a digital LCD display with reflection. Concept of cyber attack, malware, ransomware, data breach
(Image credit: Getty Images)

Remote software company AnyDesk has confirmed hackers gained unauthorized access to its production systems in a breach that saw a large amount of source code and code signing certificates exposed. 

The incident, which AnyDesk said is not ransomware-related, was detected following a security audit conducted by the firm. Staff found evidence of compromised systems, according to an advisory, which prompted them to construct a plan of remediation and response.

AnyDesk then sourced the help of cyber security experts CrowdStrike to respond to the incident while also liaising with the relevant authorities. 

In response to the breach, AnyDesk said it has revoked or replaced the necessary security-related certificates and systems. The firm has already begun work on developing replacement code signing certificates. 

Additionally, the company said it made the decision to revoke passwords to its web portal, and has advised customers to change credentials to mitigate further risk. 

“We have revoked all security-related certificates and systems have been remediated or replaced where necessary. We will be revoking the previous code signing certificate for our binaries shortly and have already started replacing it with a new one,” the company said in a statement. 

“Our systems are designed not to store private keys, security tokens or passwords that could be exploited to connect to end user devices. As a precaution, we are revoking all passwords to our web portal, my.anydesk.com, and we recommend that users change their passwords if the same credentials are used elsewhere.”

The company did not say exactly when the breach occurred, but its services did suffer a four-day outage starting on January 29 in which the ability to log in to the AnyDesk client was disabled. 

At present, AnyDesk said there is “no evidence that any end-user devices have been affected” by the breach, adding that the situation “is under control”

What is AnyDesk?

RELATED RESOURCE

A whitepaper from Datto for MSPs on RMM

(Image credit: Datto)

Support remote teams and effectively manage customer environments

DOWNLOAD NOW

AnyDesk offers remote desktop capabilities that allow for remote technical support and access to collocated servers. 

The firm was founded in 2014 in Stuttgart, Germany, but has rapidly expanded in recent years, opening subsidiaries in the US, China, and Hong Kong. 

As of 2024, the company boasts more than 170,000 enterprise customers globally, with big name brands such as Samsung, Raytheon, and Comcast listed as major clients.

George Fitzmaurice
Staff Writer

George Fitzmaurice is a staff writer at ITPro, ChannelPro, and CloudPro, with a particular interest in AI regulation, data legislation, and market development. After graduating from the University of Oxford with a degree in English Language and Literature, he undertook an internship at the New Statesman before starting at ITPro. Outside of the office, George is both an aspiring musician and an avid reader.