Home / Software & Gaming / Security / Update: TeamViewer comments on hacking claims

Update: TeamViewer comments on hacking claims

Update: TeamViewer responded to our requests for comment with the following:

“TeamViewer is appalled by any criminal activity; however, the source of the problem, according to our research, is careless use, not a potential security breach on TeamViewer’s side,” it said in a statement.

It also clarified that TeamViewer has not been hacked, nor is their a security hole and it believes that the software is still perfectly safe for use.

TeamViewer believes instead that “careless use,” is the reason for people having their PCs taken over and their money stolen. It claims that people have had their passwords stolen from another service, allowing a nefarious individual to then reuse that same password on TeamViewer to gain access to their system.

Moving forward, it recommends all users change their passwords so that they are unique and strong for each service and that they turn on two-factor-authentication.

Original Story: If your'e a TeamViewer user, make sure you don't leave it running when you aren't around and that you have two factor authentication enabled, as a number of users have had their bank accounts emptied by hackers gaining full-system access. TeamViewer has so far only asked people contact support, but denies there is a security breach.

A number of readers have contacted us about this over the past few days, pointing out that after leaving their PC unattended, they returned to find that someone had used TeamViewer to access their PC remotely. In some cases, where auto-login happens with Paypal or other sites, their bank accounts have then been emptied through non-refundable purchases.

This is a terrible state of affairs for those affected and one quick look at the TeamViewer Twitter feed or a number of Reddit threads and forum posts, suggests that this is a growing issue.

teamviewercake

Hackers are having their cake and eating your bank account. Source: TeamViewer/Twitter

What we don't know at this time is how it's happening. Although it seems to be the case of a flaw in the system somewhere, with even those with no-one on their contact list affected by the security breach, TeamViewer's latest comment is that there is no problem with its security.

It does however encourage everyone to use two-factor authentication, which can go a long way to preventing remote hacks of people's systems. We would double down on that recommendation, as well as making sure that TeamViewer does not run on start up and you don't leave your PC unattended or unlocked when it's running, just in-case.

We have reached out to TeamViewer to see if it has a response on the latest deluge of people claiming to have been hacked through its software. We will update this story as and when it responds.

Discuss on our Facebook page, HERE.

KitGuru Says: Are you one of the many people affected by the security hole in TeamViewer software? If so, let us know what your experience was. 

Become a Patron!

Check Also

Nvidia driver update fixes crucial security vulnerabilities

Nvidia GeForce, RTX, Quadro, NVS and Tesla GPU users will want to update their drivers soon. Nvidia has pushed out a hotfix with a number of critical security fixes that if left unfixed, could allow for unauthorised access to systems. 

38 comments

  1. Gary 'Gazza' Keen

    Pretty concerning. It was only until a few weeks ago I realized I had teamviewer to set turn on with windows after not using it for months and turning it off, though upon another check the teamviewer service process still likes to turn on on startup. I don’t usually leave my computer on unattended but more recently as I’m finishing up uni that’s been the case to ensure my work gets done from morning until night.

    Guess I’ll just have to hope for the best that nothing actually happened though my bank looks pretty normal xD

  2. I use Teamviewer to log into my personal computer from work for files. I got hacked at 4 in the morning about 3 weeks ago, and they bought 300 dollars worth of itunes cards. I have been arguing with ebay, paypal, and teamviewer ever since. Paypal says it came from my computer, so they are legitimate purchases, ebay says to dispute with paypal, and teamviewer just says “Your computer was accessed at 4 in the morning, please make sure to use two step verification.” The bad part is, I was using two step verification. This is a major pain in the butt.

  3. I was a victim. They breached my account via Teamviewer who has clearly had their database login info hacked. Because they attempted to steal money off of my Paypal as well. This was at around 1AM for me. I warned TeamViewer they’ve been hacked because my password is unique only to TeamViewer and not very easy to guess even with bruteforce.

  4. This also happened to us. We found this article by googling Teamviewer Hacked. Tons of hits with that. If you try Shareconnect hacked, you don’t get any results.

    I imagine the same with other RDP programs will reveal that it’s all about teamviewer being hacked. Otherwise if it was recycled passwords, then we’d see similar results for other programs.

  5. Teamviewer is either taking part of this or they’re denying they’ve been hacked. They’re either incompetent or the hacker was just good enough to not leave a log trail through their methods. Either way, I’ve been compromised on a unique password with them and that’s no coincidence… It’d be the same as if my bank account was hacked into. Either something fishy made it’s way into my sandbox to steal my password “Highly unlikely” or they got hacked into themselves. If several people are having these issues, I would go with the latter.

  6. I have to agree with there being a breach. I just assumed that I simply wasn’t vigilant with my password but the fact that this article shows up two days after it happened to me makes me suspect there was some kind of breach.

  7. If you want to stop the unwanted processes from running at startup follow these steps…
    1. Press the windows key
    2. Type the phrase “msconfig”
    (This opens a window that lets you customize a lot of things for startup)
    3. Select the “Selective Startup” option in the General tab
    4. Move on to the services tab
    5. Check the box at the bottom left that says “Hide all Microsoft serivces”
    (So that you don’t accidentally mess things up)
    6. Find any process that you don’t want starting up every time you boot, and remove the check from the box to the left of it

    The end.

  8. I would imagine those that have been “hacked” are people that got an email from someone@teamviewer asking for remote access rights. I have been sent a few of these emails recently. Most people would just click it and this would give the person who sent the email control of your teamviewer account.

  9. Same here… I caught someone on Teamviewer on My PC in the AM.. Buying iTunes cards off of Ebay. (The Instant type). I disconnected.. but reviewing history it looks like this has been going for a few weeks over 6 times. Checked my Paypal and Ebay accounts but no activity was shown. I assume they are using stolen credit card info..

  10. Human engineering works to ensnare too high a percentage of users. (The phishing emails).

    BTW, msconfig is a troubleshooting tool, NOT a computer management tool.

  11. Yes well I have just unloaded Teamviewer off 17 Computers. Subscriptions due in July. Tough, I am going elsewhere. Any company that denies and blames the customers is not to be trusted. Part of an admin job via remote is to be able to access the system at any time in a 24hour period in different world time zones.. Teamviewer like others has always on access feature. Tview’s point on being left unnattended is excactly why you use 3rd party remote software.

  12. ot had one of those, But if this was doing the rounds it is still the company responsability to ‘regulary’ inform their customers. Not sit on the fence. They send them a strong firm ‘reminder’ email when it is pay up money time? There is too much of this by big companies.

  13. correct.. and why should the customer have to do this anyhow? Another misconception by loads of peopel who like to fiddle on their comps. Many use their desktops as gthey should,to run tasks. They use the petrol and oil like everyone ( Malware / virus) But since when have they got to be mechanics. Thats why they work, to pay someone else to do that task.

  14. agree. why else be arrogant in their denials. Avoid them in the future at all costs.

  15. If in USA, no doubt they are shite scared of a ‘class’ action ?

  16. It happened to me on my macbook pro Saturday afternoon when I noticed the cursor was wandering on the screen. I immediately tried wrestling the control from the intruder, and managed to quit all the running applications. However, I was unable to quit Teamviewer, which was not supposed to be running in the first place. I force-quit it repeatedly only to see it sprung to life a second later. I was convinced the attack was done via Teamviewer.

    Multiple attempts were made to salvage the computer – disabling wifi, booting in safe mode, running anti-virus software and removing Teamviewer. Unfortunately, to no avail. The malicious code appeared to have been firmly planted.

    Yesterday, I brought the laptop to Apple Store and had it re-formatted. I changed all my email and banking login credentials just in case my info was stolen. It was a very frightening experience to say the least.

  17. Teamviewer saying they didn’t get hacked is ludicrous. How else did they get access? I’ve had a few locations that I support get hit and in each case it was a Teamviewer window opening and paypal being accessed.

  18. I just spent the last day removing TeamViewer on every machine that I use. I will never use them again especially with all the issues Paypal is causing with not even being supportive of those who’ve been hacked.

  19. because its ur money and ur own security. customer that doesnt do anything deserve to get hack and have money stolen.

  20. Instead of TeamViewer I use LiteManager it is more secure, and low cost

  21. Robert Kołodziej

    I don’t get the 2FA idea to protect against hacking. 2FA with TV only prevents someone logging in to Teamviewer application or web portal with your account (which in turn may prevent them from accessing the list of your saved connections). However it is not required (AFAIK) to protect against connections incoming to your installed TV. Once the ‘hacker’ has a working ID, I guess they just keep connecting until they crack the password. We’ve now setup whitelists on all our installations as well as enabled 2FA for all users. This should prevent both scenarios as our users’ logins are now protected, and any incoming connections have to be made from a logged in, whitelisted account.

  22. I used Teamviewer. At 4 in the morning on May 27, someone transferred money from my bank account to my PayPal account then sent money to 5 different places, totaling $1200. They were all labeled as “Sonicare Toothbrush” purchases.

  23. A year old story and you morons are still responding like it’s truth. Did you READ the story? It was updated.

    “TeamViewer is appalled by any criminal activity; however, the source of the problem, according to our research, is careless use, not a potential security breach on TeamViewer’s side,” it said in a statement.”

    So if this happened to you, you’re a moron. I know, hard to believe it’s your fault and not someone else’s. Funny how millions and millions use it and only hundreds had this problem. Then again that’s what you get for getting your tech news at a site called kitguru dot net lol.

  24. well just read threw the comments about this, teamviewer is right, its the way people do things on line, things are left running to clicking on websites and emails and then someone steals all there passwords, i have been working on computers for along time, and well people dont pay attention to what they are doing. I mean really, fire wall pops up and says something, so you allow it, cuz its annoying or you just dont care to read what it says. Not running virus/malwre scanners, or paying attention to what is one the streen, so the guy that took them off his 17 computers and blames teamviewer, get a life bud. just get a life.

  25. Because my ass is broke all the time anyway, they were unable to gain anything from me when I was hacked in the AM on 5/28, but I can confirm I use 2 authentications and a very strong password. My guess is someone behind Teamviewer is looking for a quick cash grab, this has been known to happen by higher ups in big companies. Checked the connections_log.txt and I can confirm someone else’s ID was used to gain access to my machine. Threw away the old harddrive I had and upgraded to a new SSD because there was a wierd partition added to my old harddrive that I believe the hacker put in, it wouldn’t let me reformat it.

  26. Charlotte Patty

    Do you really need a professional hacker on your school result to make a better grade for you and make you happy more , maybe a trail may convince you about [email protected] cos he has really been a bomb in my life for this and helped me out so i have promise to promote and advertise his sense of humor about this and will surely help you out f this in all ways and make you great about having a better school grade result, all forms of hacking an account or you could also message him on # (415) 323-3542 or you can add him on his facebook I.D ‘David Timothy’….Try him and thank me later.

  27. I was a victim a month ago (May 16,2016)and I knew TeamViewer got hacked but even now they are denying it.There were 14 transactions amounting $3,400+ of PayPal and eBay purchases. From iTunes gift cards to apparels on eBay. I got my money back after a week through dispute. I tracked the items destination to a courier at LiuJian PMNUZAC 16785 NE Mason St, Suite B PORTLAND, OR 97230 that ships to China. LiuJian PMNUZAC is a “ex-employee” of the company (Birdex, Birdex.cn).

    I was not sure at first how I got compromised until 2 days after at 1 am, while i was working, my TeamViewer logged in, grabbed my mouse while someone was remotting to my computer using my own account.

  28. Do you really need a professional hacker on your school result to make a better grade for you and make you happy more or you need help in hacing any account what so ever it may be, possibly a trial may convince you about [email protected] because he has really been a god in my life for this and helped me out so i have promised to promote and advertise his sense of humor about this and he will surely help you out of this in all ways and make you hnappy about having a better school grade result. All forms of hacking an account is what he knows best ….Try him and thank me later.

  29. looking for hacker to help you with email , paypal , bank account , facebook , WU ETC
    Contact email : [email protected] or Skype : satish.anchan4

    good work

  30. Finally there’s hope for us all with crazy hacks that left us weighed down,he helped me trace and i recovered my money with the aid of the police.
    please don’t mess this up for others,i see him as a life saver ….contact [email protected]

  31. need a hacker for hire for all of your ethical hacks,school upgrade,money transfer,blank a.t.m’s,clear your credit scores.look no further than zlamir zhirkov at thewhitehackdemon@gmail or text him on +1(8283677582).He’s a guaranteed job well done and he’s got evidence for you as well.

  32. FRAUD FAKE RIP OFF TOTAL BS DO NOT TRUST

  33. To everyone out there i want to openly thank [email protected] for her service… She helped me from infidelity and lies of my cheating husband. She was able to hack his phone so i listen to every call he makes or receives, hacked his whatassp, email and Facebook …i know there are lots of people out there looking for proof and evidences about one thing or the other . Be open and confide in her so she can be at the best of her service to you. Do contact her via email [email protected]….Tell her Greg referred you for swift response.

  34. I’ve
    recently switched to free AEROADMIN and it looks good. It works behind NAT as well.

    You may want to do the same as soon as you try.

    Hope this helps

  35. We guarantee 100% clean job with no trace.
    Your identity will be hidden,
    Hacking is our job, for all your hacking need, please Email me on [email protected] o

  36. I’ve come to understand that genuine hackers always have tools handy to work with, no
    genuine hacker will ask you to pay for tools before your work is done, don’t fall for their
    lies, I have been jacked several times by all these fake assholes. So i met [email protected]
    he actually solved my problem, i was in dire need of a hacker to monitor my wife’s activities online,
    Pavel was able to reveal my infidel wife’s activities, for that I am grateful to him, he offers services
    ranging from Facebook, whatsapp, emails, Twitter, Kik, imo, cell phone, website hacks, changing DMV records,
    background checks, locating individuals, expunging criminal records and so much more, if you are in dire need
    of a hacker you should contact this man, he is smart with his services and takes payment at the point of delivery,
    i had to write this about him, tell him Wayne reviewed him when he starts asking questions.=

  37. Do you want to change your grades, get access to online examination questions before you write the examination, check what your partner is doing behind your back, get access to email, facebook, twitter, whatsapp, instagram and other social networking site? [email protected] will you get the job done excellently well

  38. I have used [email protected] quite a number of times and they have never disappointed me.They helped me monitor my Husband phone when I was gathering evidence during the divorce. I got virtually every information he has been hiding over the months easily on my own phone: the spy app diverted all his whatsapp, facebook, text messages, sent and received through the phone: I also got his phone calls and deleted messages. he could not believe his eyes when he saw the evidence because he had no idea he was hacked. they do all types of mobile hacks and computer hacks,you get unrestricted and unnoticeable access to your partner/spouse/anybody’s social account, email,E.T.C Getting the job done is as simple as sending an email to [email protected]