Pointed out that cyber attack group can access the system using PC remote operation software `` TeamViewer '', Chinese security company denies



It turned out that the remote desktop software “ TeamViewer ” for remote control of PC was used by a Chinese cyber attack group called “ APT41 ”. However, according to the Chinese security research institute, TeamViewer itself has never been hacked and has only been used several times.

[Report] Double Dragon: APT41, a Dual Espionage and Cyber Crime Operation

APT41 is a Chinese cyber attack group operating in 15 countries and regions including Japan. It has been confirmed that activities for financial purposes have been confirmed since 2012, and since then intellectual property has been stolen for the benefit of China.

A lecture on APT41 was held at

Cyber Defense Summit 2019 by cyber security company FireEye held on Friday, October 11, 2019 .

In the lecture, various attack history of APT41 was shown.

One example of this was malware contamination of the PC optimization tool “CCleaner” that occurred in 2017.

A malware attack route for targeted attacks using the PC optimization tool `` CCleaner '' as a springboard-GIGAZINE

by download.net.pl

The story reveals that APR41 “takes over” the TeamViewer development company and is able to access the TeamViewer installed system. Multiple intrusions have been confirmed from 2017 to 2018, suggesting that a significant number of terminals are at risk.

However, the laboratories under the umbrella of China's Internet security company, Beijing Huashun Xin'an Technology Co., Ltd., White Hat Clan Safety Research Institute refute this.

TeamViewer Pseudo-Intrusion Incident Analysis | NOSEC Safe Life Platform-Shirakaba Safety Research Institute

According to the blog of Shirakaba Akira Safety Research Institute, the presentation document shows that TeamViewer played the role of an intrusion point and was used several times in cyber attacks, but it was shown that TeamViewer itself was hacked It is not.

in Software,   Security, Posted by logc_nt