TeamViewer Servers Go Down, Users Believe They Are Hacked

An anonymous reader quotes a report from Softpedia: Something is happening with TeamViewers servers at the moment, and all clues point to a massive breach that has led to many users going on Reddit and complaining about having their computers hacked. Some users have reported finding new transactions in their PayPal and bank accounts, while others discovered someone had been poking around their email account. Other lucky users said they barely avoided getting hacked at the last minute, noticing their mouse starting to move across the screen, and hurrying to disconnect their Internet connection. On Twitter, the TeamViewer team wrote that they're only experiencing issues in some parts of their network, but they denied any security breach, at least on their side. In the past months, we've seen malware use TeamViewer many times to infect computers, but most of those cases were because of users who used weak passwords, which is certainly not TeamViewer's fault. It is strange that this time around, just when TeamViewer servers go down, multiple users also flock to social media to complain about getting hacked. This is either one huge strange cosmic coincidence or TeamViewer is really at fault and won't be able to pin the blame on its users. On a semi-related note, PayPal will be suspending their business operations in Turkey after failing to obtain a new license for its service in the country.

Re:

[Anonymous Coward]

You mean like The Register? Who just copy-pasted the Reddit threads in their article? Sorry pal! Modern day journalism is shit.

Another example: This BBC article just quoted tweets and Reddit threads: http://www.bbc.com/news/technology-36426142 If even the BBC does it, what do you expect from other sources.

Re:

[Coren22]

One person's good source is another's partisan crap source. There is no making everyone happy.

Re:

[camg188]

Twitter = quotes for lazy journalists.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[Kargan]

How the heck is that even remotely related to the TeamViewer article??

Re:On a semi-related note

[nadaou]

Which raises the question: Is BeauHD actually an AI bot?

Re:

[Anonymous Coward]

Close, he's a Slashdot editor. A bot wouldn't make so many mistakes.

Re:

[zerocommazero]

As a managed service provider, we use Teamviewer constantly to support customers. It's a legitimate company offering quick remote services that's easy (for the end user) to install for quick temporary help. We also use Kaseya which offers a full feature client but the licensing is very expensive so we use that for clients who are willing to pay more for a support contract with 24x7 logging, patch management, etc..

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[Dan East]

They take over your webcam, and each moment your eyes drift close they move your mouse. Sometimes it can take an hour or more for them to cautiously position the mouse where they want it to take control over your computer, but they are patient, crafty little devils.

Re:

[ADRA]

A story that was already a dup!

Re:

[tlhIngan]

Not only a totally different story, but a reference to an earlier post as well.. almost as if the "You may also like to read" section doesn't exist.

So I guess it's "related" in that the stories appeared on /.?

Re:

[Coren22]

Is it murder if perpetrated by a murder of crows?

Re: Could you give us at least a hint ?

[Anonymous Coward]

No.

If you don't already know what it is, and if you are not able to type anything at all into a search engine, you will never need to know what team viewer is.

Just don't worry about it.

Re:

[Anonymous Coward]

It's basically the same thing as Remote Desktop or VNC. A user installs the agent on their computer so they can remote into their home PC from work (or vice versa), or so they can receive tech support from distant family members. Unfortunately a lot of scammers ("Hello, this is Microsoft and we noticed your computer is hacked") direct their victims to install Team Viewer as the first step of pwn1ng them, so it has an undeservedly poor reputation.

If they've been hacked, now they have a deservedly poor reputa

Are these stories submitted by a stupid script?

[Anonymous Coward]

X does 3 more things than Y and leads to an increase in A, B and C.

On a semi-related note, Space-x lands a reusable rocket.

It seems like 1 articles sensationalist claims are targeting 2 birds. /.'s stories have become a joke - sigh

They're all quoting the same ONE story...

[ndtechnologies]

Teamviewer says that there is no breach. That users that were compromised had not secured their remote systems with a password. I'm a teamviewer user, and have not had any of my systems compromised. It also seems apparent from the Reddit threads, that most of those people just left connections constantly open without even locking the remote system screen.

Re:

[ndtechnologies]

If you look at the Reddit posts, about ten were started when TeamViewer went down. Doesn't that say anything to you?

That you don't have to be smart to do IT apparently...

Re:

[Darinbob]

I'm confused here. I'm visiting my mother tomorrow, so I will check out TeamViewer. But there is no saved password and no web account. It randomly creates a passcode each time it is started, then that is read out to me over the phone, I type it in to my copy of TeamViewer and then I am connected. There is no web browser involved. It is very simple to use. It seems secure because it is a new password every single time it is used, I don't have to worry about my mother using her typical 4 character passw

Just went through

[fatkang]

Just went through this on Monday. I have an uncle I help remotely from time to time so I have(had) team viewer installed as a service. Get a call that someone had started remote controlling his laptop. He rebooted and uninstalled it immediately from his laptop and I changed up the team viewer passwords.

Re:

[MightyMartian]

So there is at least one anecdotal story here that the account that was hacked was passworded, which means TV's claim it was unsecured TV accounts that were hacked seem a little less believable. If you mind me asking, was it a reasonably complex password?

Re: Just went through

[A Li N]

Monday morning i came to my computer and saw the typical 'this session was free' message and $800 of Amazon gift cards purchased and attempts for eBay purchases. Checked the logs and it showed that 'I' connected through teamviewer. I checked the only other computer in my contact list that was online and it has similar attempts in amazon and eBay (no account info for that computer). To me, this says someone was for sure signed in under my user in TV. My password is a pretty strong password with upper, lower,

Re:

[preflex]

... And then it reposted your comment under your username instead of AC.

Are the contact requests related?

[sims 2]

I only use team viewer occasionally and I think only have one macine running with it installed.

Anyway I setup a teamviewer account back in 2010 but I didn't end up needing it I had not recived any emails from them until this year and now i'm getting "New contact request" emails from teamviewer.

Is this some type of overly complicated spam or what?
who is this "ARIA-PC"?

Me too

[Anonymous Coward]

I saw my Paypal e-mailed me today that there was a transaction. I immediately disputed that transaction and changed my password. I didn't know it was through TeamViewer that the hacker got in until now. So I've turned off all Teamviewer on my computers. I changed Teamviewer's password too, before that when I saw the log, it said someone logged in from Beijing yesterday. So far I haven't found any other unauthorized transaction yet other than 1 on Paypal which they refunded me already. Cross fingers th

Re:

[Anonymous Coward]

You saw logs that confirm that someone gained unauthorized entry into your system? Your system is compromised. And even if it's not, you should assume it is.

You should immediately:
1) Unplug the network connection.
2) Back up any important files to a WORM media device, like a DVD. Don't plug a write-many device into your computer.
3) Wipe all drives.
4) Check all drives (and any write-many devices you've plugged in to the system) for boot-sector nasties.
5) Reinstall everything. Except TeamViewer, of course, bec

Re:

[Cederic]

It's depressing when you read a post full of complete paranoia from an Anonymous Coward and find yourself agreeing with every recommendation and its necessity.

What's worse is that Slashdot now has readers for whom this sort of guidance appears to be necessary :(

Re:

[dejitaru]

Well, I use it for both the simplicity and capability to access my computer from both my android phone and the computer at work (browser, since i'm not allowed to install anything w/o IT permission).

When you factor in the fact that it has TFA, it's a pretty solid program that works well with multiple monitors. Why do you think scammers use it as well? It's a damn good program, free, and easy to use. Perfect to walk through an average user to install.

Re:

[PublicSchill]

uhm, if they are on windows they can just use Skype to share their screen....

Re:

[Ol Olsoc]

uhm, if they are on windows they can just use Skype to share their screen....

But as a person who gives a lot of support to windows users, I don't use Windows - goint to front me a free one?

Re:Teamviewer... euh, why would you use that?

[Ol Olsoc]

Easier than getting them to join a GoToMeeting, making them a presenter, then having them display their screen?

Having used both, Teamviwer works better IMO.

Re:

[mtmra70]

Having used both, and WebEx, and Skype For Business, WebEx wins. WebEx has multiple methods to get the app running, most not requiring admin rights.

Click the "join" button, enter any required info and click the share button. I don't know why so many people have a problem with those simple tasks. It's the SHARE button....in the middle of the screen....jumping out at you....just click it!!!!!

Re:

[Ol Olsoc]

I don't know why so many people have a problem with those simple tasks.

Probably related to them needing help in the first place.

Re:

[ilsaloving]

Does Webex have a free personal account? I'm looking at their site, but when I click their "Free Meetings" link I get taken to a page that screams bait-and-switch, with zero information explaining the supposed free account.

For Windows, zero-click

[raymorris]

> Windows's remote support

For Windows, here are a few options to take over their system which don't require the user to click anything:

https://web.nvd.nist.gov/view/... [nist.gov]

Re:

[BoogieChile]

"Via a crafted document"
"via a crafted Media Centre Link"
"Via a crafted embedded font"
"Via a crafted Journal"
"Via a crafted website"
"via a crafted application"

How do you propose getting the user to open your 'specially crafted doodad?

If you choose those, zero or one click

[raymorris]

If you choose some of those options, then yeah they'll need to click the link. The font etc you can probably just use in your email to them. Give em ten minutes, they'll click that "new email" notification without being asked.

Re:

[vux984]

You can't embed fonts in emails last time I checked.

(Real piss off to the marketing team who wants the newsletters sent with custom fonts... which virtually all if not absolutely all mailclients completely ignored.)

And even if you could embed the font in an email (like you can in a web page) that doesn't install it on the local system.

Re:

[PublicSchill]

Because the only time I hear about it is when people get sketchy calls, and are told there computer might have a virus. But don't worry, "microsoft" will help them after they install Teamviewer. Every company around here uses the built-in services. No need to install extra attack vectors. There are plenty of client software, and even phone apps/browser plugins that will connect with the software provided with Windows, Linux, and OS X.... So the question is, why would you want to install software that has

Re:

[dejitaru]

Well, last time I tired using RDP for windows, it was annoying. You had to ensure that specific ports are open and firewalls allow it and so on. I am sure it's a lot better now, but it left a bad taste in my mouth to give it a try again when I can use a piece of software from a reputable company that makes my life much better.

You ask why install software that has a potential to make your system more insecure? That goes with ALL software, including all the recent reports from antivirus, OEM upgrading s

Re:

[PublicSchill]

Well, did you copy that from a script or something? Sounds like a Dr Oz show. Secure software always leaves a bad taste in your mouth. It uses specific ports so you can easily block it, or change it to the ports you desire for more control. If your remote viewer/support software is purposely trying to punch holes through a firewall then it's definitely NOT something you want to use.

Re:

[dejitaru]

It's determining your trade-factor between simplicity and security Some people just want their software to work quickly and out of the box, others are willing to spend hours to properly learn and set up the software. Anyway, when you sign onto your computer with teamviewer you still have to log in to the desktop. At least that's how it's setup on mine. These people probably used the same passwords with no TFA. As for your Dr Oz reference... I guess? I never seen the show.

Re:

[MightyMartian]

We have an RDP server, and other than some pain with the licensing server getting our RDP CALs installed correctly, the sole operation on our gateway router was opening up port 3389. But if you're ultra-paranoid, just use PuTTY to set up an SSH tunnel. That's what I have on my laptop so I can administer the internal Windows servers.

Re:

[mysidia]

You ask why install software that has a potential to make your system more insecure?

It doesn't have the potential to make your system less secure it DOES make your system and your network less secure, because TeamViewer is essentially RDP with a Firewall circumvention protocol bundled.

Allowing users on your network to have TeamViewer installed on their workstation is apparently little better than just having Remote Desktop Protocol open to the world.

There's actually a reason that firewalls exist, and

Re:

[vux984]

There's actually a reason that firewalls exist, and that these services are blocked from being accessed by the internet..... TeamViewer is circumventing that, when the proper practice is to use a managed VPN device for legitimate remote access which will require two-factor authentication to connect to the network, then provide authorized users access to remote control on the target IP address.

Ok... so a company i work with sold this guy halfway around the world some software. He's have a little trouble getting it working.

I offer to assist, he downloads TeamViewerQS, he reads me the id and password, I connect, and he's sorted out 5 minutes later. He closes the app, and the 'hole' is closed.

The proper practice you propose... is that I call his IT contractor, have them come by and install a managed VPN device, with 2FA, then authorize me as user ; sends me a VPN client, a certificate... login crede

Re:

[mysidia]

I offer to assist, he downloads TeamViewerQS, he reads me the id and password, I connect, and he's sorted out 5 minutes later.

I'm objecting to the "He just downloads TeamViewerQS part"; unless he is in the IT department, physically the entire access is supervised by a sysadmin, and a temporary firewall exception is required to be added to the network firewall device.

The trouble is what happens if the software gets left on the computer, or some random user can easily deploy it without permission or for

Re:

[pla]

Every company around here uses the built-in services. No need to install extra attack vectors.

I love RDP, and it works amazingly well... As long as both ends live on the same network (or have a public-facing IP) and don't have a firewall running (or the users at both ends know how to properly configure it). Unfortunately, those conditions rule out 99% of destinations.

Microsoft's advice on dealing with those issues may leave a few folks wanting, however: "If you're at home, make sure your router has th [microsoft.com]

Why use TeamViewer?

[King_TJ]

Actually, a lot of corporations migrated over to TeamViewer after a fiasco with LogMeIn eliminating their free version of their software.

http://lifehacker.com/remote-d... [lifehacker.com]

Corporate I.T. likes these types of remote assistance packages, primarily because they let you set up a whole list of computers to click to connect with, under a single "master" account. It's really convenient to have all of your company's workstations organized by department or group and easily visible as to which are online and which are

Re:

[PublicSchill]

What? It runs in safe mode... so then it basically is malware too.

Re: Why use TeamViewer?

[iMouse]

All good malware runs in safe mode too. Good luck getting anything well written off of the box without offlining the disk.

Re:

[mysidia]

Safe mode is not for malware removal. If a system has malware, then unplug its network cable immediately, before more damage occurs.

re: malware removal

[King_TJ]

Obviously, you're not working in I.T. support for a company with highly mobile workers who often need assistance in the form of a quick fix, no matter where they're located.

Windows "Safe Mode" can be useful for removing malware because it tells the OS to boot up in a "bare bones" mode, bypassing the startup registry keys or scripts it would usually run at boot time. This may be less true for Windows 10 or 8 than for 7 ... but it was definitely the case with 7 that malware removal tools couldn't completely d

Re:Teamviewer... euh, why would you use that?

[vux984]

I don't think there is an OS today that doesn't have built-in remote support... why would you ever install some shady 3rd party program?

What is the builtin remote support for windows that is actually worth a damn? What about OSX?

Teamviewer is crossplatform (mac, PC, and Linux, ios, and android...); and quite frankly it's, very, very good. It works behind firewalls. It plays well with UAC.

It's pretty inexpensive even for commercial use, and free for personal use. Its not even slightly shady.

There are a few other solutions but most that I've tried are flaky crap by comparison, and the other good ones cost more.

Re:

[MikeMo]

OSX has built-in VNC, both client and server, and Messages has a configuration-free, built-in "share screen" feature, which can be invoked from either end.

Re:Teamviewer... euh, why would you use that?

[MightyYar]

OSX screen sharing works great with other OSX machines. Not as great with Windows, and definitely not when trying to pierce firewalls and use an alternate keyboard layout.

Re:

[brantondaveperson]

Plus it works bloody terribly over the internet. TeamViewer entirely blows it out of the water.

Re:

[MightyYar]

Yeah, I forgot about that. After futzing with ssh tunnels and figuring out how to start it up via the command line, then working around the keyboard issues, it STILL sucked in the performance department. I ended up running "Chicken of the VNC" instead until I settled on LogMeIn, then TeamViewer.

Re:

[Motherfucking Shit]

They're a bunch of TV schills. Look at their language collocations. It's always the same.

Speaking of language patterns, I don't think I've ever seen anyone spell "shill" that way until today. What a coincidence you've posted in the same thread where a user named PublicSchill [slashdot.org] is making negative remarks about TeamViewer.

Re:

[vux984]

"Connect Via External IP Address

To make this work to connect to a computer outside of your local network you need to have a static public IP address make a change to your router port forwarding settings."

https://coolestguidesontheplan... [coolestgui...planet.com]

You know, that's bearable if you are connecting back to your own home. But good luck getting that going in a remote support scenario with a customer or grandma.

And things get really fun if you need to be remotely connected to 3 or 4 systems at once... behind the same firewal

Re:

[wisnoskij]

Most to the point, the built in options are flaky crap, complicated to set up and use.

Re:

[MightyYar]

It's pretty easy to use, and it is cross-platform. It pierces the corporate firewall very well. I'm probably a little paranoid, so I don't leave it running - I start it from ssh when I need it. Maybe that paid off today. I used to use VNC over an ssh tunnel, but that was not as seamless and VNC had weird little glitches in dealing with Windows->Mac and with Dvorak.

Re:

[thegarbz]

I don't think there is an OS today that doesn't have built-in remote support...

I don't think there's an OS today that HAS a built-in remote support feature that's easy to use and works. Between firewall tunneling setting up IP addresses, or in the worst case sharing a login/password for an OS based feature (Teamviewer is only a program and I'd prefer sharing a password of something I can simply close), Teamviewer has a lot going for it.

Mind you it's not the only one. There are many third party tools, even one built into Chrome that fill some major functionality gaps, or sometimes don'