Security

TeamViewer Confirms Cyberattack Linked to Russian Hackers

28 June 2024

|

Zaker Adham

Summary

TeamViewer, renowned for its remote access tools used by corporations worldwide, has reported an ongoing cyberattack on its corporate network. The breach, which began on June 26, is attributed to hackers backed by Russian intelligence, specifically APT29, also known as Midnight Blizzard.

In a statement released on Friday, TeamViewer detailed that the intrusion was traced back to compromised credentials of a standard employee account within their IT environment. The company confirmed that the attack was contained within the corporate network and emphasized that there is no evidence suggesting the hackers accessed their product environment or customer data.

Martina Dier, a spokesperson for TeamViewer, declined to provide additional details to TechCrunch, including whether the company has the technical capability to ascertain if any data was accessed or exfiltrated.

TeamViewer, popular among major companies like DHL and Coca-Cola, supports over 600,000 paying customers and facilitates remote access to more than 2.5 billion devices globally. Despite its extensive use, the software is also a target for malicious hackers who exploit its capabilities to remotely install malware on victims' devices.

The exact method through which the TeamViewer employee's credentials were compromised remains unclear, and the company has not disclosed further information on this matter.

APT29, associated with Russia’s SVR intelligence agency, is known for its sophisticated and persistent cyber-espionage campaigns. This group has a history of targeting high-profile organizations, utilizing techniques such as password theft to gain access to sensitive information. Notably, APT29 was behind the massive SolarWinds cyberattack that infiltrated numerous U.S. federal agencies by compromising SolarWinds' software updates.

Earlier this year, the same group infiltrated Microsoft's corporate network, extracting emails from top executives and continuing to pose a challenge for Microsoft in ejecting the hackers from their systems.

The persistent and sophisticated nature of APT29's operations underscores the critical need for robust cybersecurity measures. As TeamViewer continues its investigation, the incident serves as a stark reminder of the ongoing threats posed by state-backed hacking groups.