In response to a recent cyberattack on AnyDesk, a prominent provider of remote desktop software, has issued a comprehensive statement assuring users of their proactive measures and the safety of official software versions.
Followed by the company’s public statement, released on February 2, 2024, this new update outlines the steps taken to investigate and mitigate the incident, as well as their ongoing cooperation with relevant authorities.
AnyDesk emphasizes that all versions of their software obtained from official sources are safe to use. However, as a precautionary measure, users are encouraged to update to the latest versions, specifically 7.0.15 and 8.0.8. The company highlights its commitment to transparency, integrity, and trust in its products, acknowledging the importance of maintaining user confidence amid cybersecurity challenges.
“The forced password reset for our customer portal my.anydesk.com was done out of an abundance of caution. We have no evidence that any customer data has been exfiltrated. Again, we also have no evidence that any end-user devices have been affected by this incident,” reads the official press statement.
Cyberattack on AnyDesk: An Overview
The AnyDesk cyberattack was first indicated in mid-January when anomalies were detected in some of AnyDesk’s systems. A thorough security audit revealed evidence of compromised production systems, prompting the immediate activation of a remediation and response plan.
“We immediately activated a remediation and response plan involving cyber security experts CrowdStrike. The remediation plan has concluded successfully,” reads the official statement.
Was AnyDesk User Credentials Impacted?
While AnyDesk does not believe user credentials were compromised, the company cannot rule out the theoretical possibility for a brief period. As a precaution, a forced password reset for all customers was implemented.
AnyDesk provides insight into its system architecture, explaining that private keys, security tokens, and passwords are not stored, minimizing the risk of exploitation. The cyberattack on AnyDesk only affected two relay servers in Europe, excluding connections to specific customer portals and users in non-European regions.
“Only two of these relay servers in Europe were affected by the incident. This means that connections to the customer portal “my.anydesk.com I” are explicitly not involved. Neither are customers in countries that connect via relay servers outside Europe (e.g. USA, Asia, Africa, Australia, South America) and outside the affected location zone of those two servers (i.e. Spain and Portugal). If your credentials were already saved in the client, i.e. you did not enter it manually, you were also not affected,” explained officials.
Malware Spread and Software Integrity
AnyDesk confirms that no malware was spread through their systems. A thorough review of their code revealed no malicious modifications, and there is no evidence of malicious code distribution to customers.
The company reiterates that compromised versions of its software are not being distributed and advises users to download software only from official sources. To further enhance security measures, AnyDesk has revoked security-related certificates and is in the process of revoking code-signing certificates.
AnyDesk’s Recommendations for Users
Users are strongly encouraged to use the latest versions of AnyDesk (7.0.15 and 8.0.8) to ensure optimal security. AnyDesk emphasizes the importance of avoiding third-party sites for software downloads and recommends checking the version properties within the client for verification.
In conclusion, AnyDesk remains dedicated to maintaining user trust and confidence while prioritizing the security and integrity of its products. The company’s swift response to the cyber incident highlights its commitment to user safety, transparency, and proactive cybersecurity measures.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
