AnyDesk recently confirmed that the company suffered a cyberattack that resulted in source code and private code signing keys being stolen. AnyDesk is a popular remote access solution used by over 170,000 customers, including major companies such as 7-Eleven, Comcast, Samsung, MIT, and the United Nations. It is also widely used by threat actors.
In response to the attack, AnyDesk conducted a security audit and activated a response plan with the assistance of cybersecurity firm CrowdStrike. The company assured customers that AnyDesk was safe to use and that there was no evidence of end-user devices being affected.
Additionally, AnyDesk is revoking all passwords to their web portal and recommending that users change their passwords for added security. The company has also begun replacing stolen code signing certificates and has released a new version of the software with a new code signing certificate.
The breach occurred sometime before a four-day outage starting on January 29th, during which users were unable to log in to the AnyDesk client. AnyDesk confirmed that the maintenance implemented during this outage was related to the cybersecurity incident.
Overall, while AnyDesk has taken steps to address the breach, users are strongly advised to update to the new version of the software and change their passwords as a precaution.