AnyDesk revokes signing certs, portal passwords after crooks sneak into systems

2024-02-05 18:30

AnyDesk has copped to an IT security "Incident" in which criminals broke into the remote-desktop software maker's production systems.

"We have revoked all security-related certificates and systems have been remediated or replaced where necessary," AnyDesk said.

"As a precaution, we are revoking all passwords to our web portal, my.anydesk.com, and we recommend that users change their passwords if the same credentials are used elsewhere."

According to infosec world watchers, criminals are selling AnyDesk customer credentials on the dark web, though these may not be related to this latest heist.

AnyDesk says it has hired CrowdStrike to assist with remediation and incident response, and notified the authorities.

Other security shops warned that the pillaging has already begun with "Multiple threat actors" selling access to stolen AnyDesk credentials.

News URL

https://go.theregister.com/feed/www.theregister.com/2024/02/05/anydesk_breach/

#anydesk #cert #systems