The production environment of the popular remote desktop app AnyDesk has been compromised with the threat actors stealing source code and private code signing keys.

The German company reported the breach on Friday (2nd Feb) and said that the threat actors had not deployed any ransomware – a rarity these days!

The statement also says that the company has no evidence that any end-user devices have been affected, and that the company had revoked all security-related certificates for affected systems and that they would be replacing the code signing certificates as a matter of urgency.

Shortly after the announcement from AnyDesk, researchers from cyber security company Resecurity discovered an account on the Russian hacking forum Exploit.in offering 18,000+ AnyDesk logins for $15,000

So far, AnyDesk has not released any further details about the breach, including when the attack took place, however the customer portal had been suffering intermittent timeouts and service degradation since January 24th. The code signing certificate was changed on the 29th January after an unscheduled maintenance outage which lasted 48 hours.

Related Articles

McFlurry bandit targets McDonalds – twice!
General blogs

McFlurry bandit targets McDonalds – twice!

Mark
One of most-wanted cyber criminals extradited to US
General blogs

One of most-wanted cyber criminals extradited to US

Mark
Operation Endgame – a new approach to tackling cybercrime
General blogs

Operation Endgame – a new approach to tackling cybercrime

Mark
Customise, or compromise?
General blogs

Customise, or compromise?

Mark
Women who shaped the modern world of IT
General blogs

Women who shaped the modern world of IT

Mark