In a public announcement on February 2, 2024, AnyDesk revealed that the company fell victim to a cyber attack, resulting in the compromise of its production systems. The company emphasized that the incident, discovered during an audit, is not ransomware. Authorities have been notified and are actively involved in addressing the situation.
This disclosure follows closely on the heels of another cybersecurity incident involving Cloudflare. The company reported a breach by a suspected nation-state attacker who gained unauthorized access to its Atlassian server, compromising some documentation and a limited amount of source code. Cloudflare promptly responded, stating, “We have revoked all security-related certificates, and systems have been remediated or replaced where necessary.”
Highlighting the severity of the threat, AnyDesk reassured the public of its commitment to security. The company announced, “We will be revoking the previous code signing certificate for our binaries shortly and have already started replacing it with a new one.” As a precautionary measure, AnyDesk revoked all passwords to its web portal, my.anydesk[.]com. Users are strongly urged to change passwords promptly and advised to update passwords on other sites or applications where reused.
In an effort to enhance security, AnyDesk is encouraging users to download the newest version of its software. Although it remains uncertain whether any information was stolen in the hack, the company emphasized that there is currently no evidence of any end-user systems being affected.
AnyDesk, boasting a user base of over 170,000 customers, including Amedes, AutoForm Engineering, LG Electronics, Samsung Electronics, Spidercam, and Thales, is actively addressing the aftermath of the cyber attack to ensure the safety of its users and the integrity of its systems.