TeamViewer users are being hacked in bulk, and we still don’t know how
Service blames password reuse for attacks used to drain financial accounts.
For more than a month, users of the remote login service TeamViewer have taken to Internet forums to report their computers have been ransacked by attackers who somehow gained access to their accounts. In many of the cases, the online burglars reportedly drained PayPal or bank accounts. No one outside of TeamViewer knows precisely how many accounts have been hacked, but there's no denying the breaches are widespread.
Over the past three days, both Reddit and Twitter have exploded with such reports, often with the unsupported claim that the intrusions are the result of a hack on TeamViewer's network. Late on Friday afternoon, an IBM security researcher became the latest to report a TeamViewer account takeover.
"In the middle of my gaming session, I lose control of my mouse and the TeamViewer window pops up in the bottom right corner of my screen," wrote Nick Bradley, a practice leader inside IBM's Threat Research Group. "As soon as I realize what is happening, I kill the application. Then it dawns on me: I have other machines running TeamViewer!"
Here's a post I made about it when the story was breaking a few days ago. https://steemit.com/news/@anon/mass-security-breaches-of-teamviewer-users-in-the-last-24-hours
And here's the stickied reddit thread https://www.reddit.com/r/teamviewer/comments/4m6omd/teamviewer_breach_masterthread_please_post_your/
It still seems like there could be an exploit that a criminal group found and are using against TeamViewer users.
I know many people that works daily with teamviewer, and it's very worrying in teamviewer don't found the problem, usually the companies take less time to found the bug