AnyDesk, a prominent remote desktop application utilized by over 170,000 clients, including major organizations like the United Nations and Nvidia, has reported a significant cyberattack on its production systems. The breach, highlighted by Bleeping Computer, involved unauthorized access to critical components such as the company’s source code and private code signing keys. Upon detecting suspicious activity on its production servers, AnyDesk swiftly engaged cybersecurity experts from CrowdStrike to address the breach and initiated an emergency response plan.
Contrary to initial fears, the company clarified that the incident was not a ransomware attack. Immediate actions included the revocation of all security-sensitive certificates and the thorough remediation or replacement of compromised systems. In a proactive measure to secure its software integrity, AnyDesk announced the revocation of its previous code signing certificate for application binaries, transitioning to a new one to ensure further security.
Moreover, AnyDesk is taking stringent steps to safeguard user credentials. It has reset all passwords for its web portal, my.anydesk.com, and is urging users to update their passwords, especially if identical credentials are used across multiple platforms.
Despite the severity of the attack, AnyDesk reassures that there is no evidence suggesting any impact on end-user devices. The company’s decisive response and transparency in handling the incident demonstrate its commitment to security and the protection of its extensive user base.
