Security Bulletin: AnyDesk Security Incident

What is it?

On February 2, 2024, AnyDesk, a widely used remote access solution provider, disclosed that it suffered a cyberattack that allowed hackers to gain access to the company’s production systems. Specifically, it’s been reported that hackers obtained access to the company’s source code and private code signing keys. Although AnyDesk assures users that their session authentication token remains secure, we strongly recommend AnyDesk users take the recommended actions below.

Specifically, it’s been reported that hackers obtained access to the company’s source code and private code signing keys.

Recommendations

Upgrade to the New Software Version: All users should promptly switch to the latest version of the software. The old code signing certificate will soon be revoked, making the new version essential for security.

Change AnyDesk Passwords: Although AnyDesk reports that passwords were not stolen in the attack, threat actors gained access to production systems. Therefore, it is strongly advised that all AnyDesk users change their passwords.

Review Passwords Across Sites: If users use the same password for AnyDesk and other sites, they should update those passwords as well to mitigate potential risks.

Learn More: To learn more about the incident, please refer to the AnyDesk public statement here.

Disclaimer: Elpha Secure hopes you found the general information provided in this article informative and helpful. The information contained herein is not intended to constitute legal or other professional advice and should not be relied upon in place of consultation with your own legal and security advisors. If you like to learn more about Elpha Secure, click here.