AnyDesk has confirmed that it suffered a cyberattack in which hackers were able to compromise its production systems.
In a press release posted on the company's website, the remote access provider said it detected the attack after seeing “indications of an incident” on some of its systems. A subsequent investigation uncovered compromises in the company's production systems, he said.
While AnyDesk did not say who the attackers were or what they were after, it did say that the incident was not related to ransomware. In an effort to protect its infrastructure, AnyDesk revoked all security-related certificates and repaired or replaced other systems, when necessary.
Stolen source code
“We will shortly be revoking the previous code signing certificate for our binaries and have already begun replacing it with a new one,” the company statement says.
AnyDesk also assured its users that they are safe, noting, “Our systems are designed not to store private keys, security tokens, or passwords that could be exploited to connect to end-user devices,” according to the press release.
Still, out of an abundance of caution, AnyDesk revoked all passwords for its web portal, the my.anydesk.com site, and recommended users change their passwords if they were using the same credentials elsewhere.
The company did not say what type of data the hackers stole. beepcomputer, on the other hand, reports that the attackers obtained both the source code and private code signing keys. The same post claims that the attack began on January 29 and lasted four days, during which the company was forced to block people's access to the AnyDesk client.
That being said, users are strongly recommended to upgrade to the new version of AnyDesk software and change their passwords immediately.
AnyDesk is a popular remote access solution used by companies like Samsung and Nvidia. It says there is currently no evidence that any end-user devices have been affected and that the platform is safe to use.