Remote desktop application AnyDesk has confirmed that it recently suffered a cyberattack in which hackers gained access to the company’s production systems, including source code and private code signing keys, Bleeping Computer reports.
AnyDesk says it learned of the hack after it detected an incident on its production servers. After confirming that its systems had been compromised, the company activated a response plan with help from cybersecurity company CrowdStrike.
The company says that the incident is not a ransomware attack and that it has notified the relevant authorities. The company also says that it has “revoked all security-related certificates and systems have been remediated or replaced where necessary.” AnyDesk will also be revoking the previous code signing certificate for its binaries and replacing it with a new one.
The company is revoking all passwords to its web portal, my.anydesk.com, and it recommends that users change their passwords if the same credentials are being used in other places as well.
The company claims that it has no evidence that any end-user devices were affected.
AnyDesk has 170,000 customers including high-profile clients including the United Nations, Samsung, Comcast, and Nvidia.