AnyDesk [1] [2] [3] [4] [5] [6] [7], a popular remote desktop software provider [4], recently experienced a cyberattack on their production systems. This incident involved unauthorized access and compromised source code and code signing certificates, including private code signing keys [1] [2] [4] [7].

Description

AnyDesk promptly responded to the cyberattack by activating their response plan. They worked closely with cybersecurity experts from CrowdStrike and notified the relevant authorities. To mitigate the impact of the attack, AnyDesk revoked or replaced the compromised certificates and systems [3]. They are also in the process of developing new code signing certificates [3]. As part of their remediation efforts [7], AnyDesk revoked passwords to their web portal [3].

AnyDesk assures users that their systems are safe to use [4]. They recommend updating to the latest version of the software and changing passwords immediately. AnyDesk’s systems are designed to not store private keys [5], security tokens [5], or passwords that could be exploited [5]. They confirm that no customer data was accessed and there is no evidence of any end-user devices being affected [6].

AnyDesk takes the integrity and trust in their products seriously [5]. They want to assure users that the situation is under control. It is worth noting that AnyDesk’s customer base includes high-profile clients such as the United Nations, Samsung [1], Comcast [1], and Nvidia [1].

Conclusion

The cyberattack on AnyDesk’s production systems had significant implications. However, AnyDesk promptly responded and took necessary actions to mitigate the impact. By working with cybersecurity experts and revoking compromised certificates and systems, they have taken steps to ensure the safety of their users. AnyDesk’s commitment to integrity and trust in their products is evident in their efforts to address the situation. Moving forward, it is important for users to update their software and change passwords to further enhance security.

References

[1] https://uk.pcmag.com/first-looks/150745/anydesk-suffers-cybersecurity-attack
[2] https://www.techradar.com/pro/security/anydesk-confirms-cyber-attack-remote-desktop-firm-revokes-certificates-as-hackers-infiltrate-systems
[3] https://www.itpro.com/security/cyber-attacks/anydesk-an-enterprise-remote-software-platform-used-by-major-firms-including-raytheon-and-samsung-suffered-a-security-breach-heres-what-you-need-to-know
[4] https://www.infosecurity-magazine.com/news/anydesk-hit-cyberattack-customer/
[5] https://anydesk.com/en/public-statement
[6] https://techcrunch.com/2024/02/05/remote-access-giant-anydesk-resets-passwords-and-revokes-certificates-after-hack/
[7] https://news.cloudsek.com/2024/02/anydesks-production-systems-compromised-in-major-attack/