The biz has told customers to expect disruption as it attempts to lock down its infrastructure.
While there's no specific mention of stolen data, some infosec analysts have pointed out that the disclosure indicates that criminals got hold of AnyDesk's code signing certificate.
That would allow miscreants to pass off malware as legit AnyDesk tools to unsuspecting marks.
According to infosec world watchers, criminals are selling AnyDesk customer credentials on the dark web, though these may not be related to this latest heist.
AnyDesk says it has hired CrowdStrike to assist with remediation and incident response, and notified the authorities.
Cyber threat intelligence analysts from our HUNTER team were able to establish contact with the actor to acquire context about this activity.
These compromised account credentials are believed to have been obtained via infostealer infections.
Nick Hyatt, director of threat intelligence at managed detection and response firm BlackPoint, told The Register that the credentials are legitimate, but not newly stolen.
This Cyber News was published on go.theregister.com. Publication date: Mon, 05 Feb 2024 19:13:16 +0000