Teamviewer breach or poor passwords?

[Elixer]

Official statement: https://www.teamviewer.com/en/company/press/statement-on-potential-teamviewer-hackers/

Göppingen/Germany, May 23, 2016. A recent article warns, “TeamViewer users have had their bank accounts emptied by hackers gaining full-system access”. TeamViewer is appalled by any criminal activity; however, the source of the problem, according to our research, is careless use, not a potential security breach on TeamViewer’s side. Therefore TeamViewer underscores the following aspects:

Neither was TeamViewer hacked nor is there a security hole
TeamViewer is safe to use and has proper security measures in place
Our evidence points to careless use as the cause of the reported issue
A few easy steps will help prevent potential abuse

Here is the guy that says it was teamviewer's fault... https://www.reddit.com/r/teamviewer/comments/4m6geu/i_got_hacked_on_the_27th_caught_them_in_the_act/
and here is a compilation of everything https://www.reddit.com/r/sysadmin/c...ase_in_teamviewer_account_compromises/d38c0jz

 

[Sheep221]

I still don't know how they do actually hack bank account based on someone's else user data. I mean seriously, without user's physical security token, how do they get in?

 

[Elixer]

I still don't know how they do actually hack bank account based on someone's else user data. I mean seriously, without user's physical security token, how do they get in?

Once they have access to your machine, they can open the browser, and use login credentials that were saved. That means, they can login as the person, and transfer $$$ to whatever account.

Since they control your machine, 2 factor ID won't work either, since the e-mail will come, and they can do it that way.
Of course, if you are using a phone instead of e-mail, then, they can't get at that.

 

[Sheep221]

Once they have access to your machine, they can open the browser, and use login credentials that were saved. That means, they can login as the person, and transfer $$$ to whatever account.

Since they control your machine, 2 factor ID won't work either, since the e-mail will come, and they can do it that way.
Of course, if you are using a phone instead of e-mail, then, they can't get at that.

From what I know my bank requires mandatory personal security token(USB stick, authentication grid card or cellphone) and does not allow login credentials to be stored in browser cache for later auto/faster login, so that's what I don't get. Even if the attacker has credentials he still does not have the token. Authentication via email is not allowed. Seems that some banks are less secure than others.

 

[John Connor]

This is very disconcerting. Not sure if this is from stupidity or not, but I added two factor with my Authy App. https://www.teamviewer.com/en/help/398-what-is-two-factor-authentication-for-your-teamviewer-account

I actually got an E-mail one day from someone wanting to add them to my Teamviewer contacts. I immediately deleted that crap.

Even if they could get into my netbook that is just a Team Speak and FTP server, I don't store cookies or cache in my browser. Not on any computer in fact. And on top of that I use Sandboxie so nothing is stored.

 

[John Connor]

From what I know my bank requires mandatory personal security token(USB stick, authentication grid card or cellphone) and does not allow login credentials to be stored in browser cache for later auto/faster login, so that's what I don't get. Even if the attacker has credentials he still does not have the token. Authentication via email is not allowed. Seems that some banks are less secure than others.

Yeah, some banks are different and not that secure. With PayPal for example you just need an E-mail and password unless you order a USB token.

 

[John Connor]

So am I to understand that this just affects the Team Viewer server? Not the Team Viewer client? Because I have family members that I had them install the client so that I could fix their computers.

 

[Kneedragger]

Read about this yesterday and wanted to change my password but haven't got around to it yet.

Just received this email in my spam folder.

 

[John Connor]

I would forward that E-mail to Team Viewer and see what they say.