The German software maker behind TeamViewer was reportedly compromised in 2016, according to a German newspaper Der Spiegel. According to the report, the cyber-attack was launched by Chinese hackers who used Winnti trojan malware. Its activities have been earlier found linked to the Chinese state intelligence system.
TeamViewer is one of the most popular remote-support software that lets users to access and share their desktops remotely or take full control of other’s PC over the Internet from anywhere in the world. Millions of users use this service and so TeamViewer has always been a target of interest for attackers.
Winnti advanced persistent threat (APT) group was active since at least 2010 and they have previously launched a series of financial attacks against software and gaming organizations primarily in the United States, Japan, and South Korea.
The group is infamous for using supply chain attacks by infecting legitimate software or servers with malicious updates to install malware on end-users’ systems. After infecting the malware downloads a backdoor payload on the target computers that lets the hackers to remotely control the victims’ computers without their knowledge.
According to a statement by TeamViewer, the company was a target of cyber-attack in 2016. They have discovered the cyber-attack soon after detecting suspicious activities and have taken immediate action to prevent any major damage.
They also stated that both their internal and external team and the responsible authorities haven’t found any evidence of customer data being stolen, misused, or computer systems of its customers being infected.
TeamViewer also conducted a comprehensive audit of its security architecture and IT infrastructure subsequently and further strengthened it with appropriate measures.
They also confirmed that the breach is not connected to another hacking event happened in May 2016 when TeamViewer users claimed that hackers emptied their bank accounts by exploiting a flaw in the software. In a press statement at that time, TeamViewer claimed that neither the company was hacked nor there was a security hole. It blamed the users for carelessly using the software.