![]() We're going to see more and more of these types of attacks. Any critical account (like remote access or anything related to money) should be protected by a unique strong password and 2FA (when available). Unfortunately, the majority of the blame lay with poor security decisions made by users. None of these functions have hidden mode and again none of them lets remote user view or manage your computer without you noticing it. They are Remote Control, File Transfer and VPN (if driver is available). In addition, they should have noticed huge spikes of bad user/pass combos being tried on their servers. TeamViewer has three built-in functionalities to let user access to remote computer. They should have required 2FA for accounts that allow for remote session activity. Who is at fault? Teamviewer doesn't deserve to walk from this completely free of blame. ![]() They take the list of successful user/pass combos and give it to a group of people determined to transfer paypal, buy gift cards, anything that will let them infiltrate money by taking control of that user account. But, it doesn't cost any money to continually bang on teamviewer servers looking for username/password combos that work - this part is automated and being done from thousands of computers all at the same time (essentially a botnet). Of course, 99.99% of all the accounts in the huge list will fail (user doesn't exist, wrong password, etc.). A person(s) or group(s) with this collection decides to target teamviewer users, especially after learning that teamviewer doesn't require their users to enable 2FA. There are hundreds of millions of username/password combinations, stolen from lots of different websites that have been breached over the years.
0 Comments
Leave a Reply. |