TeamViewer identifies a security breach attributed to Russian cybercriminals Midnight Blizzard

June 28 (Portaltic/EP) –

TeamViewer has identified a cyberattack linked to employee account credentials attributed to Russian cybercriminal group Midnight Blizzard, although there is no evidence at this time that it has affected the product environment or customer data.

TeamViewer is a ‘software’ that allows remote access to equipment, such as computers, to control them and provide remote support. In this sense, it is a platform commonly used in business environments.

The company has shared that last Wednesday, June 26, its security team detected an irregularity in TeamViewer’s internal corporate computing environment and that they immediately activated their response team and investigation procedures to “implement the necessary corrective measures.”

After continuing to investigate alongside other “world-leading” cybersecurity experts, the company has now concluded that this is a cybersecurity attack linked to the credentials of an employee account, within the corporate IT environment.

This is how TeamViewer has transferred it in a statement on its websitein which it has also detailed that, together with its external incident response support, they have attributed the malicious activity to the malicious actor known as APT29 or Midnight Blizzard.

Specifically, as has been learned in investigations of cyberattacks on other entities by the same malicious actor, it is a group of Russian cybercriminals that acts backed by the government, since they work as spies for Russian intelligence.

In this sense, TeamViewer has detailed that, according to the current findings of the investigation, the attack was contained within the corporate environment, so there is no evidence that cybercriminals gained access to the product environment or customer data.

The company also stressed that it keeps all servers, networks and accounts “strictly separate” in order to “help prevent unauthorized access and lateral movement between different environments” in the context of these attacks.

TeamViewer concluded by highlighting the importance it attaches to the security of its customers, and has assured that it will maintain “transparent communication” with the parties involved in the incident. It will continue to update the status of its investigations in its Trust Center.