Remote software company AnyDesk has confirmed hackers gained unauthorized access to its production systems in a breach that saw a large amount of source code and code signing certificates exposed.
The incident, which AnyDesk said is not ransomware-related, was detected following a security audit conducted by the firm. Staff found evidence of compromised systems, according to an advisory, which prompted them to construct a plan of remediation and response.
AnyDesk then sourced the help of cyber security experts CrowdStrike to respond to the incident while also liaising with the relevant authorities.
In response to the breach, AnyDesk said it has revoked or replaced the necessary security-related certificates and systems. The firm has already begun work on developing replacement code signing certificates.
Researchers swerved GPT-4's safety guardrails and made the chatbot detail how to make explosives in Scots GaelicThe 'Big Three’ ransomware groups are losing their grip on the industry as gangs begin to fracture, study showsThe end of passwords – and how businesses will embrace it
Additionally, the company said it made the decision to revoke passwords to its web portal, and has advised customers to change credentials to mitigate further risk.
“We have revoked all security-related certificates and systems have been remediated or replaced where necessary. We will be revoking the previous code signing certificate for our binaries shortly and have already started replacing it with a new one,” the company said in a statement.
“Our systems are designed not to store private keys, security tokens or passwords that could be exploited to connect to end user devices. As a precaution, we are revoking all passwords to our web portal, my.anydesk.com, and we recommend that users change their passwords if the same credentials are used elsewhere.”
The company did not say exactly when the breach occurred, but its services did suffer a four-day outage starting on January 29 in which the ability to log in to the AnyDesk client was disabled.
At present, AnyDesk said there is “no evidence that any end-user devices have been affected” by the breach, adding that the situation “is under control”
What is AnyDesk?
Support remote teams and effectively manage customer environments
DOWNLOAD NOW
AnyDesk offers remote desktop capabilities that allow for remote technical support and access to collocated servers.
The firm was founded in 2014 in Stuttgart, Germany, but has rapidly expanded in recent years, opening subsidiaries in the US, China, and Hong Kong.
As of 2024, the company boasts more than 170,000 enterprise customers globally, with big name brands such as Samsung, Raytheon, and Comcast listed as major clients.
