Monday 5th February 2024
On Friday, AnyDesk confirmed that their production servers have suffered a security incident. AnyDesk is a remote desktop application with an 8.96% share of the remote support market, or 170,000 customers including FORTUNE 500 companies. This security incident resulted in attackers gaining access to production systems, source code, and private code signing keys.
AnyDesk was asked for further details by BleepingComputer, who have commented that a four day maintenance window in January was related to this incident.
No users credentials were stolen according to AnyDesk however caution should always be at the forefront of our actions. If any passwords related to user AnyDesk logins are reused elsewhere, these passwords should be changed.
The release notes for the latest version of AnyDesk for Windows, v8.0.8 note:
29.01.2024 – 8.0.8 (Windows)
– Security update: Exchanged code signing certificate. The previous certificate will be invalidated soon. Please update
If our readers use AnyDesk for Windows then please upgrade to >=8.0.8 as soon as possible.