After recent incidents of security breaches, TeamViewer is working hard to fix loopholes and sanitize their apps to prevent any further attacks. The company has introduced a Trusted Devices feature, which prompts users to reset their passwords if their system detects any suspicious activity. This feature will request users to approve new devices when they attempt to log in for the first time.
TeamViewer will automatically issue an email to users as and when they attempt to login to their account using a new device, which is different from the previously used device, as per the newly introduced in-app notification feature. If the concerned person fails to authenticate by logging to their inbox and clicking on the link, they will not be granted access to their account.
Moreover, TeamViewer will also automatically scan user accounts when the relevant user attempts to login from a new location, which is different from the previous location/country. When the user meets a certain threshold of suspicious activity as outlined by the company, TeamViewer will flag the account for a password reset, which is mandatory.
According to a leading tech portal, there are several complaints about TeamViewer across various social media platforms regarding serious security violations.
The fact is that attackers are logging into users computers via TeamViewer and figuring out their time zones. They sneak into the computers during late night, login to the computers and do all sort of unpleasant activities on the users systems when then the actual user is not at all doing any work.
Even though users initially thought that it might be an isolated incident, they came to know about it when an unknown user saw an attacker moving the cursor after attacking the system.
According to original TeamViewer users, they lost a huge amount of money since their bank accounts were drained, PayPal account compromised. Moreover, the attackers also purchased gift cards using their financial details.
In the meantime, TeamViewer has revealed that even though their servers were under DoS attack, the internals was not compromised. They put the fault on users stating that majority of them are using weak passwords and passwords used more than once.
To prevent any attacks in future, TeamView has asked all users to activate two-factor authentication with challenge and response codes. Moreover, users should select a strong password that is complex and hard to reproduce by any stranger.
