Sponsored By

AnyDesk Compromised, Passwords Revoked

Production systems at the remote access company were breached, leading AnyDesk to revoke code signing certificate and reset Web portal credentials as part of its incident response.

1 Min Read
Anydesk Remote Control on smartphone screen
Source: Seemanta Dutta via AlamyStock Photo

AnyDesk, which provides a remote desktop application providing access, file transfer, and VPN functionality for endpoints, has announced that its production systems have been compromised, and that it plans to revoke all its security-related certificates and reset all Web portal passwords as a precaution.

The company assured its customers in a statement released late on Friday that no end user devices had been breached, adding that AnyDesk systems are "designed not to store private keys, security tokens, or passwords that could be exploited to connect to end user devices."

AnyDesk also said that it's working with appropriate law enforcement agencies on the incident and that there's so far no evidence of ransomware.

In addition to the internal password rotations, the company urged its customers to update any passwords used across other accounts.

"To date, we have no evidence that any end-user devices have been affected," the company said. "We can confirm that the situation is under control and it is safe to use AnyDesk. Please ensure that you are using the latest version, with the new code signing certificate."

Remote access management tools like AnyDesk are a popular target of cybercriminals. In fact, last summer both the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) issued a joint advisory warning that threat actors were using these remote monitoring and management systems (RMMs), including AnyDesk and ScreenConnect to infiltrate organizations and federal agencies.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights