Denial of Service (DoS) attacks are becoming more common across all platforms as hackers begin to learn mobile operating systems and industry standard software programs. The convenience that comes with standardization also helps the bad guys – they can easily conduct large scale attacks by attacking a single source.
The TeamViewer DoS Attack
The industry of managed service has recently been attacked through one of these convenient standards. The TeamViewer software package is used by many managed service providers to provide remote support to clients. On June 1st, 2016, TeamViewer was attacked, resulting in a three-hour service outage. The attack was a denial of service attack on the company DNS servers.
The Results of the Attack
Hackers were allegedly able to break into many user installs after finding their way into the central servers of the program. A few of the symptoms included starting remote sessions from unknown remote users, unverified and unknown PayPal purchases and client passwords changing for no reason. With information gleaned from the DNS servers, hackers could legitimately gain access to all of the customer information stored within a local account, including full credit card numbers, banking information and saved passwords of TeamViewer clients.
What TeamViewer Clients Should Do
If you are a TeamViewer client and your managed service provider has not reached out to you about the recent DoS attack, contact them directly to see if they have knowingly been breached. Change your TeamViewer password, and monitor the credit card activity of any card that you have used within the TeamViewer system. If fraudulent activity is found, begin steps to deny charges and protect your account information.
Make sure that all logins on your local computer are different; otherwise, any breach of your TeamViewer information could result in a breach of your other account information as well.
Go through the connection log to ensure that all remote sessions were started by you from the past week. You can do this on Windows by opening TeamViewer, moving to Extras and selecting Open Log Files. Linux users can run the command “teamviewer -ziplog” to monitor activity.
If there is any fraudulent activity here, clients should then check the activity of the Paypal account (or other payment account) that is associated with the TeamViewer account.
Spade Technology is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks, and news. Contact us at (508) 339-5163 or send us an email at [email protected] for more information.