TeamViewer points finger at Russia after corporate network breach
TeamViewer, the German company popular for its remote access software, was hit by a cyberattack believed to be orchestrated by Russian intelligence. The company confirmed the breach on June 28th, stating that their investigation points to APT29, a hacker group also known as Cozy Bear or Midnight Blizzard.
TeamViewer said the intrusion appears to be contained within their corporate network. They assured users that there's currently "no evidence" that customer data or their production environment, which includes the core remote access software, was compromised. This separation between internal systems and customer data is a security measure many companies employ to minimize risk.
The attack reportedly began on June 26th by exploiting a standard employee's login credentials. While details remain scarce, compromised credentials are a common entry point for hackers. They can be obtained through phishing emails, malware, or even buying them on the dark web.
While TeamViewer hasn't revealed the extent of the breach within its corporate network, such attacks can have serious consequences. Hackers might target sensitive company information, intellectual property, or even internal communications. They could also use the breach as a stepping stone to launch further attacks within TeamViewer's supply chain or partner networks.
APT9 is well-known in the security industry and has a long history of targeting government agencies, businesses, and critical infrastructure around the world. Their motivations can vary, from espionage and stealing intellectual property to disrupting operations or sowing discord.