TeamViewer confirms extent of account abuse 'significant'

The company said the hack was down to user "carelessness," but it seems the firm's careless use of words has caught up with it.
Written by Charlie Osborne, Contributing Writer

This has not been a good month for TeamViewer, which has not only been accused of being responsible for the mass-hacking of user accounts which it now admits as being "significant," but has also come under fire for blaming users in a careless fashion.


Last week, a stream of user complaints appeared online which were levied against TeamViewer. The company, which supplies remote desktop and control systems, had reportedly suffered a data breach leading to the compromise of user accounts and PCs.

Users complained of everything from PC hijacking to accounts being accessed for the purpose of making purchases ranging from designer clothes to gift cards.

At the same time, TeamViewer's network was disrupted by a denial-of-service (DoS) attack, but the company insisted the incidents were not related.

In an interview with Ars Technica, TeamViewer spokesman Axel Schmidt said the number of takeovers is "significant," but at this time, no fixed figure can be given.

TeamViewer originally blamed the hacks on users and said the "careless" use of repeat credentials -- tailored with the leak of millions of user account credentials from MySpace and LinkedIn -- were at fault.

The company maintains that accounts were not compromised through the company's internal systems.

"The vast majority of the cases that we see have to do with there being a lot of data breaches lately, and whenever we're pointed to potential TeamViewer account abuses, we check internally to determine what we can see," Schmidt told the publication. "And in virtually every case we see that the passwords and account credentials have been used elsewhere."

While still maintaining TeamViewer is not at fault, the spokesman did say sorry to users for the firm's response to the original reports.

TeamViewer wants to "sincerely apologize" to users who were offended by the company's choice of words, and Schmidt says that they "never meant to offend anyone."

Instead, TeamViewer meant to get across that with remote control software, users need to be extra careful as connections are made between one device to another, and a lack of strong passwords can spell disaster.

Schmidt said:

"So you want to be extra careful, and that's what we meant to bring across. We're deeply sorry if we offended anyone by our choice of words.

It's really important to understand that TeamViewer is a tool that needs to be used sensibly and extremely smartly."

An interesting element of the case are reports that some attackers are able to bypass two-factor authentication (2FA) on user systems. As of now, the company has no concrete evidence that cyberattackers have been able to peel away this layer of additional security, and without user log files -- which are not being submitted -- there is no way to verify these claims.

"We're not doubting TeamViewer accounts have been abused," Schmidt said. "It's just this is not because of a TeamViewer weakness [..] We have reason to believe that's because of the reuse of passwords. Obviously, what we're not doubting is that yes, people have been ripped off by online criminals and their bank accounts may have been emptied, but again that's not a TeamViewer vulnerability."

If you think you may have been involved in the breach, check HaveIbeenPwned and change your passwords as soon as possible.

2016 Father's Day tech and gadgets gift guide

Editorial standards