Results 1 to 13 of 13
  1. #1
    Gold Lounger Maudibe's Avatar
    Join Date
    Aug 2010
    Location
    Pa, USA
    Posts
    2,633
    Thanks
    115
    Thanked 647 Times in 590 Posts

    TeamViewer Hacked ?

    There are reports of the TeamViewer database being hacked where hackers are stealing the passwords and remotely logging into computers. Once logged on, they are using stored passwords to sign on to websites such as Amazon.

    The recommended action conveyed is to uninstall TeamViewer.

    Maud

  2. #2
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,572
    Thanks
    5
    Thanked 1,057 Times in 926 Posts
    Sources please.
    Joe

  3. #3
    WS Lounge VIP access-mdb's Avatar
    Join Date
    Dec 2009
    Location
    Oxfordshire, UK
    Posts
    1,722
    Thanks
    146
    Thanked 156 Times in 149 Posts
    Seems to be a lot about it on Reddit. See comments by people who say they've been hacked as a consequence.

    Also on the Register. I've no idea how good these sites are though.
    Last edited by access-mdb; 2016-06-03 at 17:23. Reason: A bit more info
    Talk is cheap because supply exceeds demand

  4. #4
    Super Moderator RetiredGeek's Avatar
    Join Date
    Mar 2004
    Location
    Manning, South Carolina
    Posts
    9,434
    Thanks
    372
    Thanked 1,457 Times in 1,326 Posts
    Access,

    You realize that this is only possible if you have set TeamViewer to use the following options:
    TeamViewerOptions.PNG

    If you don't have them selected the hackers haven't gotten your passwords (generated new each time) and they couldn't use them even if they did unless you start TeamViewer for them.

    HTH
    May the Forces of good computing be with you!

    RG

    PowerShell & VBA Rule!

    My Systems: Desktop Specs
    Laptop Specs

  5. #5
    WS Lounge VIP access-mdb's Avatar
    Join Date
    Dec 2009
    Location
    Oxfordshire, UK
    Posts
    1,722
    Thanks
    146
    Thanked 156 Times in 149 Posts
    RG, obviously not a simple situation. I don't have a need for Team Viewer so don't know much about it. I would like to know if the two links are to reputable sites. I've heard of them but don't usually use them.
    Talk is cheap because supply exceeds demand

  6. #6
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,486
    Thanks
    284
    Thanked 574 Times in 478 Posts
    No indications that TV's site has been hacked, changing the Topic title.

    ghacks has some comments and checks to run.

    HowToGeek has this: How to Lock Down TeamViewer for More Secure Remote Access

  7. The Following User Says Thank You to satrow For This Useful Post:

    RetiredGeek (2016-06-03)

  8. #7
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    As far as I know, this is not definitively established. Teamviewer argues that the hacks must have resulted from password reuse, while it seems some users dispute that.

    In any case, I think there is no need to uninstall TeamViewer. Simply do not run it unless you need it. Plus, configure it to use two factor authentication.

    Also, as recommended repeatedly, do not repeat passwords in different sites.
    Rui
    -------
    R4

  9. #8
    WS Lounge VIP access-mdb's Avatar
    Join Date
    Dec 2009
    Location
    Oxfordshire, UK
    Posts
    1,722
    Thanks
    146
    Thanked 156 Times in 149 Posts
    So, a possible scenario is: TeamViewer website experiences a DOS and servers go down. Someone notices activity on their TV not by them and makes the connection that it's to do with the attack on TV. Others start looking and see similar activity. Because of the nature of the Internet and social media, more and more people 'see' this activity and things go viral.

    But TV deny they have been breached and there's no reason for them to do that, the damage that would cause them if they are found to have been lying would be incalculable.

    There is a saying 'correlation isn't causation. Perhaps these things have been happening for a while but the outage of the servers has brought it to people's notice.

    Moral of story. Security is the responsibility of the user. It's when we get complacent that we are likely to be hacked.

    Just my 2p's worth
    Talk is cheap because supply exceeds demand

  10. #9
    Star Lounger
    Join Date
    May 2011
    Posts
    84
    Thanks
    2
    Thanked 2 Times in 2 Posts
    I have two disabled relatives and log into their machines about once a month to solve something. The p/w's are new each time, so don't see how hackers could access.

  11. #10
    Super Moderator Rick Corbett's Avatar
    Join Date
    Dec 2009
    Location
    South Glos., UK
    Posts
    2,141
    Thanks
    101
    Thanked 579 Times in 464 Posts
    Quote Originally Posted by robertpri
    I have two disabled relatives and log into their machines about once a month to solve something. The p/w's are new each time, so don't see how hackers could access.
    I suspect there may be confusion between the different versions and modes of TeamViewer. You're quite correct that for normal use, the standard TeamViewer client and 'TeamViewer QS' (Quick Support) both use passwords that change on each use.

    However, if TeamViewer is used in 'host mode' for unattended access (either by configuring the standard TeamViewer client or by using the dedicated 'TeamViewer Host') then a single, non-changing password is used and the executable runs as a service from startup.

    None of the articles I've read about 'hacks' make any distinction between how TeamViewer is actually being used so it's possible (probable?) that Host mode is the issue... i.e. always running and with a static password.

    I use TeamViewer a lot and install it on my family's and friends' PCs/laptops. However, I only ever install the single 'TeamViewer QS' executable (without any shortcuts in any startup folder)... so it must be started manually and cannot be configured for unattended access.

    Hope this helps...

  12. #11
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,486
    Thanks
    284
    Thanked 574 Times in 478 Posts
    TeamViewer rolling out improved security measures (June 3rd, 2016).

    ...

    To do our utmost to help you - our users - and to further strengthen the protection of your data against these hijacks of cyber criminals, we are globally rolling out improved security measures today in a two-fold approach:

    ...
    ghacks article:

    ...

    TeamViewer supports several security features already that strengthen account security. Many need to be enabled however or set appropriately by the user.

    In short, the following is suggested:

    Only run TeamViewer is you are going to use it or need to make it available for someone else.
    Select a secure, unique account password for the service.
    Make sure TeamViewer is up to date.
    Enable two-factor authentication for your TeamViewer account.
    Use TeamViewer's Whitelist system to prevent access from unauthorized devices. To do that select Extras > Options > Security > Black and Whitelist Configure.

  13. #12
    Super Moderator Rick Corbett's Avatar
    Join Date
    Dec 2009
    Location
    South Glos., UK
    Posts
    2,141
    Thanks
    101
    Thanked 579 Times in 464 Posts
    More info has appeared on Ars Technica. A TeamViewer spokeman confirmed that, rather than a breach of TeamViewer's servers, the issue is with re-used account ID's and passwords used for TeamViewer accounts which, once discovered, allow access to remote clients assigned to that account.

    Ars Technica: My understanding is that one of the ways people log in to TeamViewer is by using a machine ID and some sort of PIN. At least in that scenario you don't have a user name and password that were exposed by MySpace or LinkedIn. Is there another way reused passwords are getting exploited?

    TeamViewer: You're referring to the TeamViewer client that's usually installed on the desktop computer. The cases that we're talking about currently are not cases connected to that desktop client; we're talking about TeamViewer accounts. TeamViewer offers particularly to its business clients the option of setting up TeamViewer accounts which come with a lot of advantages for professional users because it allows them to manage multiple devices, have their entire support force be in that account and set up policies that especially professional users are looking for. That's a feature that we're also offering to our private users who can use the accounts for free. Most of the cases to the best of my knowledge are in regards to those accounts. Whenever somebody sets up an account there are several ways they can set up their user credentials and assign devices to that account. If somebody goes ahead and uses the same e-mail and password for that account as they used for any other given Internet account then that makes this account somewhat vulnerable in terms of the credentials.

  14. #13
    3 Star Lounger
    Join Date
    Jul 2002
    Location
    Rockledge, FL
    Posts
    327
    Thanks
    23
    Thanked 11 Times in 11 Posts
    I too have used TeamViewer (excellent product) to do things for relatives and friends too far away to go visit and fix something for them. I always use the "one time" password and am usually on the phone telling them to start TeamViewer on their end and provide me with the password. I do NOT check the "Start with Windows" checkbox in TeamViewer. I do NOT leave TeamViewer running on either PC after finishing.

    I also fail to see how this can be compromised.

    Quote Originally Posted by robertpri View Post
    I have two disabled relatives and log into their machines about once a month to solve something. The p/w's are new each time, so don't see how hackers could access.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •