Developer announces a statement in the case that the damage has been continued by the hijacking of TeamViewer which remotely controls the PC

ByDavid Goehring

With the illegal use of software called "TeamViewer" that allows you to remotely control PCs easily and quickly, there are frequent cases of shopping by Amazon etc without permission, and the statement that the developer will strengthen the security Announced.

TeamViewer Launches Trusted Devices and Data Integrity
https://www.teamviewer.com/en/company/press/teamviewer-launches-trusted-devices-and-data-integrity/


TeamViewer confirms number of hacked user accounts is "significant" | Ars Technica
http://arstechnica.com/security/2016/06/teamviewer-says-theres-no-evidence-of-2fa-bypass-in-mass-account-hack/


TeamViewer is a remote control software that can handle remote PCs, Android terminals, etc. as if they were in front of you. Because it is simple and easy to use, it is installed in more than 1 billion devices in the world, 750,000 new IDs are made on the day, it is popular software used by companies, but it is only malicious Whether it is easy for human beings to use it, there is a case of misappropriating TeamViewer's account and misusing the PC or the like of the intruder.

In Japan, there are cases where you purchased about 8000 yen coupons at Groupup at the TeamViewer that had been kept running, and Amazon gift tickets were also used from takeover and shopping for about 500,000 yen It has been reported that it has been done.

TeamViewer illegal login with browser password blinking: in the cell
http://f36type.cocolog-nifty.com/blog/2016/06/teamviewer-c13f.html

[Unauthorized Login] If I had kept my company's computer on, Amazon was being illegally purchased for 500,000 yen! The cause was software for remote operation! Is it? - Togetter Summary
http://togetter.com/li/983259

According to TeamViewer, the cause of such an incident was discovered at the end of May 2016, not TeamViewer's own vulnerability642 million account information leaksIt is said that it is influenced.

However, because it is not a situation that can be overlooked as a TeamViewer, we will introduce two-step certification, which will be approved e-mail separately for terminals that log in to TeamViewer account for the first time in the future. Also, if a suggestion is made that the TeamViewer account is threatened, such as access from places that the user has never used before, a mechanism for receiving a password reset notification will be adopted.

By the way, TeamViewer temporarily stopped the service on June 1, 2016, but this is due to a DoS attack, and it has already been completed. It is said that it is irrelevant to the matter of account intrusion.

About suspension of service
http://www.teamviewer.com/ja/press/statement-on-service-outage.aspx


In this announcement, TeamViewer mentioned as a security measure one way to "protect every user account including TeamViewer's account by setting a safe password that is hard to guess frequently and making frequent changes" Although it is,If it is a mechanism to periodically change the password, the user tends to set a similar passwordIt is pointed out that it is a long and difficult passwordManagement software such as "ID Manager"It is better to manage with.