TeamViewer abused to install ransomware on computers

vbimport

#1

We’ve just posted the following news: TeamViewer abused to install ransomware on computers[newsimage]http://www.myce.com/wp-content/images_posts/2016/03/teamviewer-95x75.png[/newsimage]

Users on BleepingComputer report TeamViewer is abused to install ransomware on computers. Although it’s unclear how the cyber criminals gain access to TeamViewer, the login to the computer and the activation of the ransomware is clearly visible in TeamViewer’s logs.

            Read the full article here: [http://www.myce.com/news/teamviewer-abused-install-ransomware-computers-78947/](http://www.myce.com/news/teamviewer-abused-install-ransomware-computers-78947/)

            Please note that the reactions from the complete site will be synched below.

#2

Also, if you’re not using TeamViewer, make sure TeamViewer is disconnected from the internet. The easiest way to do so is to disable TeamViewer, including any/all background services. The next best thing is to block TeamViewer with your firewall, and to re-enable it only when you plan on using it.

Also, don’t ever re-use passwords. If you do so, once one password is cracked, who knows how many services the cracker might use in your name.


#3

Or you could exploit a bug in the present version of TeamViewer… If you set ‘Incoming LAN connections’ to ‘accept exclusively’, your TeamViewer will not connect externally and case closed :smiley:


#4

^I noticed this as I have my computers set to accept LAN connections only for security, and suddenly (after installing v11.0.56083) was unable to connect to servers and workstations in my address book (TeamViewer Manager).

Investigating the cause of it, I found that setting ‘Incoming LAN connections’ in Options-General to ‘Deactivated’ made me able to connect to all servers again.
The setting should only affect incoming connections and is a bug in the current version, a handy bug as of now of course.