The production system of AnyDesk, a remote desktop software maker, faced a cyberattack, resulting in a four-day outage between 29 January and 1 February. As a result, users were unable to log in to the AnyDesk client.
While media reported that hackers accessed source code and private code signing keys, Anydesk has not confirmed the same.
In its official advisory, AnyDesk clarified that it was not a ransomware attack and shared that it discovered the attack after detecting signs of intrusion on its product servers. After conducting a security audit, the company initiated a response plan in collaboration with CrowdStrike.
In terms of action, AnyDesk has revoked all passwords for its web portal, revoked and replaced all security-related certificates, replaced previous code signing certificates with new ones and informed relevant authorities about this attack. They have also urged their users to change their passwords as a precaution.
AnyDesk is a popular remote access solution for enterprise users and boasts over 170,000 customers, including high-profile organisations such as Amedes, LG Electronics, Comcast, NVIDIA, 7-Eleven, Siemens, MIT, Samsung Electronics, Spidercam, Thales, and the UN. Its wide reach and remote accessibility features make it a potential tool for cyber criminals who want to breach devices and networks.