On Friday, AnyDesk, a provider of remote desktop software, announced a security breach impacting its production systems. This breach, uncovered through a security audit, was not related to a ransomware attack. The German-based company has informed appropriate authorities of the incident.
In response to the breach, AnyDesk has revoked all security certificates and taken steps to either remediate or replace compromised systems. The company is in the process of issuing a new code signing certificate for its software, advising users to download the updated version featuring this enhanced security measure.
Additionally, as a preventive measure, AnyDesk has reset all passwords for its web portal and recommends users change their passwords, especially if reused across different platforms.
The specifics of how the breach occurred and the exact timing remain undisclosed by AnyDesk. Currently, there is no indication that any customer data was exfiltrated or that end-user systems were compromised.
This announcement followed reports of maintenance issues and service disruptions earlier in the year, highlighting the challenges faced by AnyDesk, which services over 170,000 clients worldwide including notable corporations like LG Electronics and Samsung Electronics.
Parallel to AnyDesk’s situation, Cloudflare reported a breach by suspected nation-state actors, indicating a heightened cybersecurity threat landscape.
Cybersecurity firm Resecurity has identified online activities suggesting the sale of AnyDesk customer credentials, potentially for phishing scams, further underscoring the need for vigilance among AnyDesk users.
As the situation evolves, AnyDesk has committed to updating stakeholders on any developments. This incident serves as a reminder of the ongoing cybersecurity challenges facing software providers and their users.