
API and Bot Attacks Costing Businesses Billions and Rising
Security
Zaker Adham
20 September 2024
28 June 2024
|
Zaker Adham
Summary
Summary
TeamViewer, renowned for its remote access tools used by corporations worldwide, has reported an ongoing cyberattack on its corporate network. The breach, which began on June 26, is attributed to hackers backed by Russian intelligence, specifically APT29, also known as Midnight Blizzard.
In a statement released on Friday, TeamViewer detailed that the intrusion was traced back to compromised credentials of a standard employee account within their IT environment. The company confirmed that the attack was contained within the corporate network and emphasized that there is no evidence suggesting the hackers accessed their product environment or customer data.
Martina Dier, a spokesperson for TeamViewer, declined to provide additional details to TechCrunch, including whether the company has the technical capability to ascertain if any data was accessed or exfiltrated.
TeamViewer, popular among major companies like DHL and Coca-Cola, supports over 600,000 paying customers and facilitates remote access to more than 2.5 billion devices globally. Despite its extensive use, the software is also a target for malicious hackers who exploit its capabilities to remotely install malware on victims' devices.
The exact method through which the TeamViewer employee's credentials were compromised remains unclear, and the company has not disclosed further information on this matter.
APT29, associated with Russia’s SVR intelligence agency, is known for its sophisticated and persistent cyber-espionage campaigns. This group has a history of targeting high-profile organizations, utilizing techniques such as password theft to gain access to sensitive information. Notably, APT29 was behind the massive SolarWinds cyberattack that infiltrated numerous U.S. federal agencies by compromising SolarWinds' software updates.
Earlier this year, the same group infiltrated Microsoft's corporate network, extracting emails from top executives and continuing to pose a challenge for Microsoft in ejecting the hackers from their systems.
The persistent and sophisticated nature of APT29's operations underscores the critical need for robust cybersecurity measures. As TeamViewer continues its investigation, the incident serves as a stark reminder of the ongoing threats posed by state-backed hacking groups.
Security
Zaker Adham
20 September 2024
Security
Paikan Begzad
13 September 2024
Security
Zaker Adham
12 September 2024
Security
Paikan Begzad
26 August 2024