World’s most popular remote PC controlling software Teamviewer has been hijacked, according to various users of the software. According to many users, they have witnessed unknown people taking control of their PCs and tried to steal money from eBay or PayPal. Some attempts were also successful, indicated numerous users.
Despite having many reports of unauthorized PC access through Teamviewer at Reddit’s /r/teamviewer forum, the company behind the software has denied the allegations and said that its software hasn’t been hijacked, instead users are responsible for their individual credentials.
Users reported on Reddit that someone took remote access of their computer and then signs into important services like eBay, PayPal and email services. People could even see what’s happening in front of their eyes, as the mouse cursor moves around the display, just because the software isn’t a backdoor trojan, but a remote control program.
Experts believe that the recent LinkedIn security breach could have been the source of this incident, as millions of email/passwords have been hacked and same people using these credentials to login to other services and websites.
However, it’s worth to note that users with two-factor authentication enabled on their Teamviewer account are also have been hacked. A user claims that he uses a unique password for this service, which isn’t being used for any other services by him. If it’s just user ID/passwords hackers have got from recent security breaches, it is virtually impossible to gain access to this remote controlling PC software.
Meanwhile, Teamviewer has released a statement (attributed to a week ago), and denied the allegations. The company said:
TeamViewer is appalled by any criminal activity; however, the source of the problem, according to our research, is careless use, not a potential security breach on TeamViewer’s side. Therefore TeamViewer underscores the following aspects:
Neither was TeamViewer hacked nor is there a security hole
TeamViewer is safe to use and has the proper security measures in place
Our evidence points to careless use as the cause of the reported issue
A few easy steps will help prevent potential abuse
Even after releasing this statement, users have witnessed something weird on the company’s side. The website was offline for a few hours this morning, but Teamviewer attributed it to a DNS issue. Until the issue resolved or not at all a problem from the server-side, we recommend you to follow these steps to make sure you are on the safer side:
1: You should log out of your Teamviewer account right now, which will block hackers to access your system through your username/password combo, if it was leaked.
2: If having the software on your PC still makes you worried, then uninstall it right now and install it whenever you find it necessary. It’s not a big-size file and won’t take long to install.
3: You can also check for the recent incoming connections through the remote controlling software by reading the log file, which is available at Extras > Open log files.
4: Make sure you have checked your credit cards, eBay, PayPal and other important services’ activities to find any potential suspicious activities.
5: The website haveibeenpwned.com could help you to find whether your email ID has been made available in the wild along with millions of others. (I have checked my email ID on this site and surprisingly, it shows that my email ID has been “pwned” in the 2012’s LinkedIn security breach (unearthed in this year, when someone tried to sell it on a black market) as well as 2013’s Tumblr hack.
Finally, this isn’t a good news for Teamviewer. If these incidents happened due to their server security, then this breach could kill their product permanently.