A recent security breach has exposed AnyDesk’s customer’s credentials, putting their accounts and devices at risk.
On February 3, 2024, Resecurity discovered several threat actors peddling compromised AnyDesk credentials on cybercriminal forums.
Over 18,000 credentials were leaked and offered for sale on the Dark Web.
Anydesk’s public statement about the security breach.
The attack is believed to have happened in late January, and some users are still using compromised credentials.
AnyDesk’s customer credentials listed by the threat actor “Jobaaaaa”.
The leaked information contains the usernames, passwords, number of active connections, session duration, and associated email addresses, reads the Security report.
This data could be used for targeted phishing attacks, account takeovers, and even malware distribution.
And this could give attackers valuable insights into their online activity and make them a prime target.
“This data is ideal for technical support scams and mailing (phishing),” added the threat actor.
Account credentials suspected to be compromised are thought to have been acquired through infostealer infections.
- Immediately update the AnyDesk password, and avoid using the same password across multiple accounts.
- Enhance security by enabling Multi-Factor Authentication (MFA) for AnyDesk account, requiring an additional code from another device for login.
- Explore the use of AnyDesk’s whitelist feature to limit access to trusted individuals or devices.