AnyDesk, which provides a remote desktop application that provides access, file transfer, and VPN functionality for endpoints, announced that its production systems have been compromised and that it plans to revoke all of its security-related certificates and reset all passwords. Web portal as a precaution.
The company assured its customers in a statement issued late Friday that no end-user devices had been hacked, adding that AnyDesk Systems they are “designed not to store private keys, security tokens, or passwords that could be exploited to connect to end-user devices.”
AnyDesk also said that it is working with the relevant law enforcement agencies on the incident and that there is no evidence of ransomware so far.
In addition to internal password rotations, the company urged its customers to update all passwords used on other accounts.
“To date, we have no evidence that end-user devices have been affected,” the company said. “We can confirm that the situation is under control and that it is safe to use AnyDesk. Please make sure you are using the latest version, with the new code signing certificate.”
Remote access management tools like AnyDesk are a popular target of cybercriminals. In fact, last summer both the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) issued a joint warning that threat actors were using these remote monitoring and management (RMM) systems, includingg AnyDesk and ScreenConnect infiltrate federal organizations and agencies.