AnyDesk is a remote computer and server solution that has confirmed a security breach in its production system. They have collaborated with CrowdStrike to conduct an investigation and have notified the impacted parties. It is important to note that this issue is not related to ransomware.
Furthermore, AnyDesk has taken immediate action by revoking all authentication certificates related to security and the affected systems. They have also revoked all authentication codes from the past and replaced them with new certificates. It is crucial to emphasize that AnyDesk does not store private keys, security tokens, or passwords. However, as an added security measure, AnyDesk has reset all passwords and requires users to change their passwords immediately upon logging in.
According to Bleeping Computer, preliminary findings indicate that the attackers were able to access source code and authentication keys in the code. Although AnyDesk has provided limited information, they strongly advise users to update their software to the latest version and reset their passwords.
TLDR: AnyDesk experienced a security breach in their production system. They promptly collaborated with CrowdStrike, revoked authentication certificates, and recommend users to update their software and change passwords.
Leave a Comment