{"id":33004,"date":"2024-02-02T14:50:24","date_gmt":"2024-02-02T13:50:24","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=33004"},"modified":"2024-02-04T13:46:47","modified_gmt":"2024-02-04T12:46:47","slug":"anddesk-be-careful-in-using","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2024\/02\/02\/anddesk-be-careful-in-using\/","title":{"rendered":"AnyDesk: Be careful in using that remote support software"},"content":{"rendered":"

\"Stop[German<\/a>]A short warning to IT supporters who use the AnyDesk remote maintenance software for remote support. A few days ago, I reported some issues with this product (see my German blog post St\u00f6rung bei AnyDesk, jemand betroffen?<\/a>). AnyDesk web site has been on maintenance since January 30, 2024. Now vague information is trickling in, that there has been a cyber incident – although there is an information lock, so I can't get any details. Addendum:<\/strong> The hack is confirmed.<\/p>\n

<\/p>\n

\"\"The information I got so far is that there is a problem with AnyDesk. A cyber incident has been occurred – but no details are available from my sources. There is a recommendation from one source (which is currently rather nebulous) to look very carefully where AnyDesk is used (never in critical infrastructure environments).<\/p>\n

Combining numerous vague fragments of information I got from several sources – and some concrete observations from the readership – I have an idea of what might have happened. The official change log<\/a> of AnyDesk client version 8.0.8, dated January 29, 2024, says \"Exchanged code signing certificate. The previous certificate will be invalidated soon. Please update.\" I know also, that there is a confidential warning from German cyber security watch guard (BSI) – but I was not able to get the details.<\/p>\n

As a precautionary measure, I would not use use AnyDesk anymore until the details have been clarified and to keep a very close eye on systems in which the product was used in January 2024 (and scan them for malware if necessary).\u00a0I hope, I can report a few more details within the next days.<\/p>\n

Addendum:<\/strong> It's now official confirmed by AnyDesk, that they have been compromised. I've covered the first part of the story at AnyDesk confirmed, they have been hacked in January 2024, Production systems affected<\/a>. I still plan a 2nd article with more information I received for several sources.<\/p>\n

Articles:<\/strong>
\nAnyDesk confirmed, they have been hacked in January 2024, Production systems affected<\/a>\u00a0\u2013 Part 1
\nAnyDesk hack undercover \u2013 more information and thoughts<\/a>\u00a0\u2013 Part 2
\nAnyDesk hack undercover \u2013 Suspicious cases and more<\/a>\u00a0\u2013 Part 3
\nAnyDesk hack undercover \u2013 Access data offered for sale<\/a>\u00a0\u2013 Part 4<\/p>\n

Similar article:<\/strong>
\nSt\u00f6rung bei AnyDesk, jemand betroffen?<\/a>
\nAnyDesk: Be careful in using that remote support software<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

[German]A short warning to IT supporters who use the AnyDesk remote maintenance software for remote support. A few days ago, I reported some issues with this product (see my German blog post St\u00f6rung bei AnyDesk, jemand betroffen?). AnyDesk web site … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,1547],"tags":[69,1544],"class_list":["post-33004","post","type-post","status-publish","format-standard","hentry","category-security","category-software","tag-security","tag-software"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/33004","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=33004"}],"version-history":[{"count":9,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/33004\/revisions"}],"predecessor-version":[{"id":33046,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/33004\/revisions\/33046"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=33004"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=33004"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=33004"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}