> The Chief Security Architect of FireEye posted this Tweet last week clarifying that there isn't a new compromise of TeamViewer, and the social media posts suggesting there is are misinterpreting a slide from a conference presentation.
How often has that been true? TV has been hacked more than once AFAIK.
Edit: nevermind, the attack is apparently through some malware.
quite long? unless you're using a bad password I don't really see any risk other than filling logs from password attempts.
> "APT41 compromised company behind TeamViewer - which enabled them to access any system with TeamViewer installed"
I feel like the most obvious interpretation of this is "APT41 possibly accessed billions of devices" which is incorrect, they had the ability but it is known that they only accessed a rather limited set of devices.
I'm not sure what would've been a better title though, especially given the length restrictions" ¯\_(ツ)_/¯
The main advantage is that there is no need to install any software neither on the remote machine nor on the local one.
There is a cloud hosted free version https://meet.jit.si which does not even require registration.
Seems to do this (currently in beta)
> The web application security expert adds that, based on detected activities and attack methods, in addition to the unusual interest that APT41 has shown in attacking the video game industry, its attacks could not be politically motivated; instead, they’re focused on economic gains.
I’d like to know how can one simply assume this given a potential payoff of billions of devices...
Sounds like a new one.
Not sure if it’s just a cluster of fuckups or if something is contributing to the uptick in false reports. But add this one to the list.
Were machines vulnerable with only Teamviewer:
1. Installed but not being used?
2. Only when being used (i.e. ask family member to fire it up and give the connection info)
So at least this lets archive.is correlate your IP with your DNS server (which must pass EDNS Client Subnet to get any meaningful response, this is the reason why Cloudflare DNS is not that great for accessing archive.is; more: https://news.ycombinator.com/item?id=19828317).
Anyways, this isn’t the first time TeamViewer has been hacked. Wonder what their beef is against E2EE between connected computers.