>TeamViewer users say their computers were hijacked and bank accounts emptied after the software company's systems mysteriously fell offline. TeamViewer denies it has been hacked.
>In the past 24 hours, we've seen a spike in complaints from people who say their PCs and servers were taken over via the widely used remote-control tool on their machines. Even users with strong passwords and two-factor authentication enabled on their TeamViewer accounts say they were hit.
>It appears miscreants gained control of victims' TeamViewer web accounts, and used those to connect into computers, where they seized web browsers to empty PayPal accounts, access webmail, and order stuff from Amazon and eBay.
>"Hackers got everything from me," Doug, an Idaho-based Twitch streamer who was looking forward to celebrating his birthday today with his wife and two kids, told The Register.
>"They remote connected in at 5AM MT, went into my Chrome and used my PayPal to buy about $3k worth of gift cards. And yes, I had two-factor authentication."
>Over on Reddit, people were lining up with tales of their systems being compromised via TeamViewer, sparking fears the platform had been hacked. TeamViewer makes remote-control clients for Windows, OS X, Linux, Chrome OS, iOS and Android.
Christ on a bike I installed this for the first time yesterday to use it for a few hours.
This is what people get for not having their automatic services under control.
Logan Gomez
guess who doesnt run teamviewer
Chase Gomez
smart people?
Lucas Collins
Pretty obvious what happened someone made a malware that tries logging into Teamviewer client the with hacked credentials originating from any 1 of 1000s dBs that got hacked and dumped online. Doesnt mean Teamviewer itself was the problem.
Andrew Morris
>teamviewer
their fault
Jacob Gutierrez
>Unironically checking the "Keep me logged in" box >Not clearing history and running Ccleaner every time you leave the PC They were asking for it, any 5 year old wondering around the house could have done the same shit.
Asher Wilson
Would you only get hacked if u had teamviewer running? What if its installed on my computer and ive only used it like 2 times to help my technologically handicapped korean qt gf with stuff. Am i still in a danger?
Ethan Ward
oooo nooez!!!!! u must delete system 32 if its appears on your PC, its a sign of a compromised system, do a quick search on you desktop and delete that shit asap
Nolan Martinez
>>"They remote connected in at 5AM MT, went into my Chrome and used my PayPal to buy about $3k worth of gift cards. And yes, I had two-factor authentication."
The hell? Did the hackers remotely break into his house and steal his hardware token? If he really had 2FA this wouldn't have happened.
Brayden Butler
> >Trusting Pajeet tier "safe" malware Exactly. Uninstalled as soon as I found that their GNU/Linux version is basically the Windows one wrapped in outdated Wine.
Connor Hall
uninstall it tard. no app, no remoting in using it.
Bentley Green
>have TV installed on one of my servers to remote in and out >check paypal >money still there >check TV >I was never logged in >login was set to manual and not to "keep me logged in"
whew
Luke Mitchell
2FA means 'mobile phone' nowadays.
Cooper Kelly
>people actually had the teamviewer service running Fuck. I've used Teamviewer a bunch of times myself but the first fucking lesson is not to leave an RPC service running when it doesn't need to be.
Nolan White
>do pic related with secure password problem solved
Alexander Miller
>PayPal >two-factor authentication
Isn't this a PayPal hack then?
Camden Howard
Why would you use 3rd party software when literally any modern OS can do the same shit
Robert Ross
Na, you see, they used Remember me options on their computers for things like Paypal and other shit, so when the hackers gained control of their computers they didn't need to auth themselves to do transactions.
This is basically just a security 101 lesson for people. I'm willing to bet a bunch of these people slipped up and posted Teamviewer info publicly as well, either in screenshots or streamed, so that hackers only had to do minimum effort to log in.
Asher Sanchez
...
Oliver Carter
>used Remember me >complaining
Holy shit so he is retarded.
Camden Murphy
Is there a way to bypass teamviewer commercial use detection?
I connect to lots of computers from single IP and it always starts to nag me after some time.
Leo Lee
Prease
Nicholas Gutierrez
...
David Roberts
>didn't need to re-auth themselves
what's the point of 2fa then silly teamviewers
also why is that even an option
Julian Peterson
You all shit on TeamViewer and all, but what else to use, that would work on both Windows and Linux alike?
In before "ssh" - not everyone at work is willing to work over terminal, stop being autistic.
Jace Wood
What? 2fa usually covers logins. The general idea is that if you use Remember me it would only be on a home computer. Often 2fa systems will also take into account your IP so if your computer got stolen and they connect from a new IP/different range it would hit them up with a reauth message.
But it really just comes down to the fact that they left a remote login system running which wasn't adequately secured. User stupidity.
William Johnson
>ssh >terminal only You can use ssh -X to get your gooies
Brandon Cruz
just disabled TeamViewer from startup im safe now?
Matthew Young
Is the service still running?
Leo Rogers
Whatever. Co-workers wont use SSH.
Lack of replies only proved what I wanted to prove - that you can only shit on software but cant provide real alternative.
They need remote control software that would allow to control both Linux and Windows desktops from each other. TeamViewer is best option I saw so far.
And nobody dared to prove me otherwise.
Carson Sanchez
>Whatever. Co-workers wont use SSH.
Your coworkers are retarded.
hth
Joseph Powell
All with PhD you moron.
I expected some autistic replies but come on.
>Im using solution X, is there alternative other than Y? >HURR USE Y
Lucas Rodriguez
looks like it isn't since i can't access from the other pc
Caleb Harris
> tfw I knew it was a "botnet" > it literally was > I used it because I was lazy to setup vnc
be safe, use gentoo
Jaxon Jackson
Bomgar is supposed to be pretty good, or you could just run VNC
Jose Rivera
>6 characters >Secure
wut
Grayson Cook
People, if you are a Twitch Pro Gaymer and you have managed to make a whole three thousand dollars from your career, you are awesome.
Cooper Parker
What is this TeamViewer and how is it better than ssh?
Cooper Lee
>Trusting pajeetware
Zachary Myers
Does this affect Macs?
Levi Morgan
>allowing remote access >secure
Grayson Diaz
>for the past few months received various emails asking to befriend some one in teamviewer >wtf i dont think i have an account there *ignore* >the emails keep on coming >login on that shit >>your account is being upgraded >>logout out instantly >ayy wtf??!?!? >login again >goto account settings >remove the only session authorization in there >and delete whole account >... >4 days later teamviewer users report getting hacked for fuck sake i would rather ssh running on port 22 visible to the outside
Parker Sullivan
if i used it months ago, am i still fucked?
James Wood
>teamviewer has always been by definition a botnet >normies cant into virus terminology >"its safe to set up my computer to be accessed from anywhere" >mfw this happens >mfw it took THIS LONG for it to happen
compartmentalize fucking everything guy here >mfw I only ran teamviewr inside of a vm get fucked scrubs.
Nathaniel Richardson
Its called VNC you inept fucking moron.
Grayson Walker
I'm talking about the password for unattended access, the 6 character password is randomly generated each time it starts up
Gabriel Baker
Same just used it yesterday night >inb4 ur fucked kiddo >Inb4 hax 4 lufe >Inb4 change your passwords
Just curious if other users like me who only connect with their friends once in awhile are in danger. I do not ever install team viewer btw, I just run it
Gabriel Russell
So how about providing better software for that task instead of showing your "wisdom"?
Grayson Morgan
the replies in this thread prove beyond a shadow of a doubt that Sup Forums is now a normie board
Bentley Moore
Because?
Please explain.
Dylan Jenkins
can someone suggest an alternative to punching yourself in the face please? if you can't i will just have to keep doing it
Eli Turner
>nonfree software You get what you pay for
Connor Roberts
.>paypal is safe guys >just link your card to it it will be fine guys no need for silly things like CV2 codes or expiration dates
boy howdy am i glad im not retarded enough to use team viewer
Brandon Powell
irrelevant if they stole names/pw's for the account :S
Anthony Ward
>normie yes, you are part of the normalfag invasion
Lincoln Anderson
Just curious why you guys even have it? What do you even use it for?
Kevin Sanchez
They use it where I work at but I wasn't dumb enough to install it on my main computer like everyone else.
Nolan Ross
And for what you use remote desktop software?
You seriously compare using software like that to punching yourself to face?
Please, you are just embarrasing yourself.
Maybe you love to work remotely using ssh and text terminal, but not everyone consider this comfortable. Im done with all this old software from work that works only in text mode, having to scroll at all options and repeating everything if I make a typo.
Jason Stewart
ok buddy
Elijah Green
Paypal is safe. You can only do so much to protect users from themselves.
Christian Gonzalez
I seriously doubt that TeamViewer was hacked; I have several PCs running it with no signs of bad activity, but I use a 16 character password with uppercase/lowercase/Symbols/Numbers so I assume that's why.
I also don't reuse passwords across services. I assume the Myspace and Linkedin breaches were the main reasons, along with password reuse.
Nolan Anderson
it means they have a way to get access without needing that.
Joshua Walker
How do you explain then people using randomly generated, unique passwords and 2 factor authentication?
Christian Edwards
Vnc
Landon Hughes
>Not using VNC >CURRENT_YEAR
Alexander Flores
>He kept 3k in a paypal account Rich idiots getting robbed is hilarious
Wyatt Turner
I don't understand how they got into people's Paypal accounts. Was it just that they gained access to a load of accounts that just happened to have their Paypal pages open? Can you even tell Paypal to remember your username and password?
Blake Jones
>Save paypal credentials in firefox
Yeah some people are stupid.
Leo Price
JEWS
Why is pol always right?
Dylan Turner
>Doug, an Idaho-based Twitch streamer So that's an actual job now.
John Gomez
I don't even know what the fuck is team viewer.
Jordan Hall
Then how about you type it into Google and spend one minute educating yourself before making a post you fucking sack of shit.
Michael Gutierrez
PREASE, U BASTAD
Aaron Walker
>You can use ssh -X to get your gooies I have NEVER gotten that to wrek right, always have to use x2go
Jordan Clark
>compartmentalize fucking everything guy here QubesOS, maximum security
Brayden Myers
Yes, you can. I know because I intentionally do not let it.
William Price
I can't image how people who are smart enough to know they they need TeamViewer, are dumb enough to not know the security implications.
It doesn't make sense to me.
Jonathan Ross
cube os is basically a copy of what Ive been doing for the last 5 or so years. I just do it manually, and if I suspect a vm to be compromised then I remove all files I want and deem to be safe to reuse, delete the vm, and make a new one. Sometimes Ill use copy a template and use the copy to save time.
Chase Sullivan
more like >having teamviewer installed on your PC
Connor Reed
The people I live with honestly couldnt even turn on my pc. Its a pain in the ass just to get it to post. even if they did figure out the trick, they wouldnt make it past login. even if they did make it past login, they have no concept of terminal commands. x doesnt start by itself, they are fucked no matter what. The filesystem isnt recognized by windows, let them take the hd..
Lucas Evans
>Hackers got everything from me >used my PayPal to buy about $3k worth of gift cards
what, $3k is everything for fat americunts? How poor in the loo are you
btw never installed teamviewer, openvpn+vnc mustardosrace
Oliver Edwards
>They need remote control software that would allow to control both Linux and Windows desktops from each other. TeamViewer is best option I saw so far.
openvpn+vnc, all open source. I admin a plethora of windows and linux workstations (and servers, but with them I use ssh naturally), all of them have vnc. Openvpn server with 2048bit keys and aes-ni support, works quite well.
I've kept this setup for like five years now, works for me
John Thomas
Most were from Ebay, eBay doesn't ask you for PayPal details twice in the same session.
Cameron Morgan
>People in this thread posting VNC meme >Don't understand VNC is not encrypted. Even if both parties manually setup encryption, VNC sends passwords in plaintext
There are no good alternatives
Evan Peterson
why do i care if vnc sends passwords over plaintext in my VLAN? My openvpn tunnel is encrypted.
Dylan Cook
>mfw installed ultraVNC on my ex company pc's >even on the CEO's son >all without passwords, at all
Lincoln Rivera
>that pic Fucking wrecked
Adrian Gutierrez
I installed teamviewer for 2 fucking days, right when that shit happens
Now I have to replace 2 fucking routers because I don't know if some chink fucked with them
reeeeeeeeeeee
Lincoln King
>Now I have to replace 2 fucking routers
Levi Gomez
>tfw never used teamviewer
Jacob Barnes
>tfw my grandpa has teamviewer installed so that i can help him help with tech related problems he's facing >tfw worried if his computer is affected
By the way, what are trustworthy FOSS teamviewer alternatives? Are VNC servers alright?
Lucas Scott
# systemctl disable systemviewerd worry worry
Jonathan Lopez
holy shit that's horrible. This is why we use standardized remote connection protocols.
Nolan Smith
and by that I mean don't trust other entities with connections to your computer.
Caleb Rivera
*teamviewerd
Michael Robinson
I don't understand why all programs aren't sandboxed.
sounds pretty good for normies who fail for silly tricks
Connor Gutierrez
>In before "ssh" - not everyone at work is willing to work over terminal, stop being autistic. Get off Sup Forums this instant, this is a technology board. If using tech is 'autistic' you fucking need to get off here
Being afraid of terminal is a golden sign you're not technologically inclined, and do not belong here
