TeamViewer, a prominent provider of remote access tools, confirmed a cyberattack on its corporate network attributed to Russian intelligence-backed hackers, specifically APT29 (also known as Midnight Blizzard). The company stated that the intrusion began on June 26 through the credentials of a standard employee account.
TeamViewer assured that the breach was contained to its corporate network, with no evidence suggesting access to its product environment or customer data. The company declined to provide details on the extent of data accessed or exfiltrated.
Known for its remote access capabilities, TeamViewer serves major clients like DHL and Coca-Cola and facilitates remote access to over 2.5 billion devices globally. However, the software is also a target for malicious hackers.
The U.S. government and security researchers have linked APT29 to Russia’s foreign intelligence service, the SVR, which is known for long-running espionage campaigns. Recently, APT29 also compromised Microsoft’s corporate network, stealing emails from top executives.
The U.S. government previously blamed APT29 for the SolarWinds cyberattack, which targeted U.S. federal agencies. The Russian hackers planted a backdoor in SolarWinds’ software, gaining access to numerous networks, including the Treasury, Justice Department, and the Department of State.
