Security News > 2024 > June > TeamViewer links corporate cyberattack to Russian state hackers

RMM software developer TeamViewer says a Russian state-sponsored hacking group known as Midnight Blizzard is believed to be behind a breach of their corporate network this week.
TeamViewer says they believe their internal corporate network, not their production environment, was breached on Wednesday, June 26, using an employee's credentials.
"Current findings of the investigation point to an attack on Wednesday, June 26, tied to credentials of a standard employee account within our Corporate IT environment," reads the updated TeamViewer statement.
"Following best-practice architecture, we have a strong segregation of the Corporate IT, the production environment, and the TeamViewer connectivity platform in place," continues TeamViewer's statement.
It is recommended that all TeamViewer customers enable multi-factor authentication, set up an allow and block list so only authorized users can make connections, and monitor their network connections and TeamViewer logs.
TeamViewer's corporate network was breached in alleged APT hack.
News URL
Related news
- Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp (source)
- Russian hackers attack Western military mission using malicious drive (source)
- Paper Werewolf Deploys PowerModul Implant in Targeted Cyberattacks on Russian Sectors (source)
- Chinese hackers target Russian govt with upgraded RAT malware (source)
- Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery (source)
- Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp (source)