Results 1 to 59 of 59

Thread: TeamViewer Hacked

  1. #1
    MRA Agent Extraordinar Skanda's Avatar
    Join Date
    Dec 2012
    Posts
    4,128
    Tuconots
    43

    TeamViewer Hacked

    Gonna post this here as a PSA for anyone here who may be using Teamviewer

    TeamViewer has been hacked. They are denying everything and pointing fingers at the users.

    There is apparently a massive hack going on right now using their software. Any Rerolled bros using it should be on the lookout.
    Quote Originally Posted by Mist View Post
    What we're talking about here is the fact that there's a ton of MRA sleepers inside GamerGate communities, and they're using GamerGate to give themselves cover for their shitposting.

  2. #2
    some sweet gravity AngryGerbil's Avatar
    Join Date
    Dec 2012
    Location
    spherical zoo
    Posts
    5,219
    Tuconots
    87
    So what is TeamViewer?

  3. #3
    sa da tay! radditsu's Avatar
    Join Date
    Dec 2012
    Location
    The Farm
    Posts
    3,333
    Tuconots
    48
    Out police software uses it for support.

  4. #4
    MRA Agent Extraordinar Skanda's Avatar
    Join Date
    Dec 2012
    Posts
    4,128
    Tuconots
    43
    Quote Originally Posted by AngryGerbil View Post
    So what is TeamViewer?
    It's a remote desktop program. Mostly used for IT support, though others use it so they can remote into their home PC when they're somewhere else. Basically it seems someone's figured out how to use it to remotely connect to anyone using the program and then looking for stored passwords on Internet browsers. They then log into Amazon/PayPal etc and steal what they can.
    Quote Originally Posted by Mist View Post
    What we're talking about here is the fact that there's a ton of MRA sleepers inside GamerGate communities, and they're using GamerGate to give themselves cover for their shitposting.

  5. #5
    The Retarder lendarios's Avatar
    Join Date
    Dec 2012
    Location
    Miami, FL
    Posts
    3,097
    Tuconots
    -7000001
    I got hacked and I got money taken out of my account. It is the worst type of intrusion as my home pc has everything saved... everything..

    I'm in the process of getting it back.

  6. #6
    some sweet gravity AngryGerbil's Avatar
    Join Date
    Dec 2012
    Location
    spherical zoo
    Posts
    5,219
    Tuconots
    87
    Damn that sucks. My local grocery chain got hacked and several of my friends got their checking/debit accounts drained. They didn't get me for some reason. Probably too broke. I think many were able to recover it but I do not envy you. Good luck getting your shit back Lenindoritos.

  7. #7
    Registered User Palum's Avatar
    Join Date
    Jan 2013
    Location
    ReRe
    Posts
    9,162
    Tuconots
    66
    Haha "we didn't get hacked the hackers just got the passwords from like Facebook maybe"

  8. #8
    MAKE EARTH EXTINCT AGAIN! Abefroman's Avatar
    Join Date
    Dec 2012
    Posts
    9,468
    Tuconots
    103
    Use it to keep my fathers computer up to date and clean and use it daily. Zero problems.
    Quote Originally Posted by Noodleface
    Marriage is the best, I love having sex with my husband and giving him BJ's when I'm on my period

  9. #9
    Adrenaline Junky TJT's Avatar
    Join Date
    Dec 2012
    Location
    Austin
    Posts
    2,250
    Tuconots
    10
    Yeah... thank god I just use Remote Desktop to get to my servers from home. Sorry leo, that sucks hard.
    "Let go your earthly tether. Enter the void. Empty, and become wind."
    -Zaheer
    B.Net: TJT#1179

  10. #10
    The Retarder lendarios's Avatar
    Join Date
    Dec 2012
    Location
    Miami, FL
    Posts
    3,097
    Tuconots
    -7000001
    I actually got it in real time. I got the chase alert about buying 4 Xbox memberships and I logged into my house from work, just to start a torrent, and bam saw the windows opened and then the connected client list was more than one.
    It was an "Oh fuck me" moment.

    Did you know you can see the passwords in Chrome for your websites? Yeah you can, all you need is the local windows password.

  11. #11
    Adrenaline Junky TJT's Avatar
    Join Date
    Dec 2012
    Location
    Austin
    Posts
    2,250
    Tuconots
    10
    How did they get your local password if it is just a remote connection though?
    "Let go your earthly tether. Enter the void. Empty, and become wind."
    -Zaheer
    B.Net: TJT#1179

  12. #12
    Registered User sadris's Avatar
    Join Date
    May 2016
    Posts
    606
    Tuconots
    6
    It's a daemon already running as root. And it's based on host id not user/pass

  13. #13
    MAKE EARTH EXTINCT AGAIN! Abefroman's Avatar
    Join Date
    Dec 2012
    Posts
    9,468
    Tuconots
    103
    I'm interested to see if this turns into another Diablo 3 hacking event or not.
    Quote Originally Posted by Noodleface
    Marriage is the best, I love having sex with my husband and giving him BJ's when I'm on my period

  14. #14
    Registered Dorf Kreugen's Avatar
    Join Date
    Dec 2012
    Posts
    5,842
    Tuconots
    46
    Pants-shitting mitigated by the fact that the service is only running on laptops that are usually turned off. I only use the client end on my PC.

    Still, need to disable ASAP.

  15. #15
    The Retarder lendarios's Avatar
    Join Date
    Dec 2012
    Location
    Miami, FL
    Posts
    3,097
    Tuconots
    -7000001
    Quote Originally Posted by TJT View Post
    How did they get your local password if it is just a remote connection though?
    It's the same password as TeamViewer, I'm working under the worst possible scenario.

  16. #16
    The Retarder lendarios's Avatar
    Join Date
    Dec 2012
    Location
    Miami, FL
    Posts
    3,097
    Tuconots
    -7000001
    Quote Originally Posted by sadris View Post
    It's a daemon already running as root. And it's based on host id not user/pass
    Do you have a source on this?

  17. #17
    The Lion of MMA Predictions Ameraves's Avatar
    Join Date
    Dec 2012
    Posts
    4,244
    Tuconots
    7
    They almost got me a couple weeks ago. I was out grabbing some lunch and my wife called me to ask if I was logging into the computer remotely. She was at the computer and said someone was on Ebay and trying to purchase $200 gift cards. I told her to close down TeamViewer, but she just closed the session for the person that was logged on. They immediately tried to come back on, and I told her to shut the program all the way down.

    I use this on my computer, my cousins computer, and my daughters. I am stuck being tech support for my whole family, and this was the easiest way for me to manage it. I've uninstalled it from their computers now, and don't have it start up on mine anymore.

  18. #18
    Registered Dragonlord Deathwing's Avatar
    Join Date
    Dec 2012
    Posts
    6,564
    Tuconots
    31
    Quote Originally Posted by lendarios View Post
    It's the same password as TeamViewer, I'm working under the worst possible scenario.
    Password sharing is not how you make 7 figures! Time to get yourself a password vault.

  19. #19
    Hard Truths Cut Both Ways AladainAF's Avatar
    Join Date
    Dec 2012
    Posts
    2,536
    Tuconots
    18
    Sorry to hear this lendarios, thanks for PSA post, already warned people that I know use it.

  20. #20
    Registered User Kiroy's Avatar
    Join Date
    Dec 2012
    Posts
    1,384
    Tuconots
    9
    This is fucked thank god i dont use auto login or passwod saving for anything.

    Edit. Wait they have our teamviewer pw

  21. #21
    Registered User sadris's Avatar
    Join Date
    May 2016
    Posts
    606
    Tuconots
    6
    Quote Originally Posted by lendarios View Post
    Do you have a source on this?
    The fact that I can connect without being prompted for a password?

  22. #22
    sa da tay! radditsu's Avatar
    Join Date
    Dec 2012
    Location
    The Farm
    Posts
    3,333
    Tuconots
    48
    fortunately we only use the quicklaunch version with the session # and four digit pin.

  23. #23
    MRA Agent Extraordinar Skanda's Avatar
    Join Date
    Dec 2012
    Posts
    4,128
    Tuconots
    43
    Quote Originally Posted by lendarios View Post
    Did you know you can see the passwords in Chrome for your websites? Yeah you can, all you need is the local windows password.
    You don't even need the Windows Password. From what that Reddit thread was saying these hackers are installing a program called Webbrowserpassview which will pull your saved passwords right out of whatever browser you have.
    Quote Originally Posted by Mist View Post
    What we're talking about here is the fact that there's a ton of MRA sleepers inside GamerGate communities, and they're using GamerGate to give themselves cover for their shitposting.

  24. #24
    Registered User Kedwyn's Avatar
    Join Date
    Dec 2012
    Posts
    3,767
    Tuconots
    15
    Use TeamViewer for tech support purpose for family and no issues. Although I don't allow them to use the saved password feature on their browsers. Not sure why anyone would do that in this day in age because if someone gets remote access you're completely fucked.

  25. #25
    scientia potentia est Cad's Avatar
    Join Date
    Dec 2012
    Location
    Highland Park
    Posts
    9,788
    Tuconots
    49
    If you keep your screen locked on OSX, even with VNC/remote admin unless your account password is the same as your VNC password (this would be insane) you can get screen access but can't unlock the screen/desktop.

    Does it not work that way in windows?

  26. #26
    Shiny
    Join Date
    Dec 2012
    Location
    Calgary
    Posts
    887
    Tuconots
    -8
    In windows you can set up your security policies pretty much however you like. People be lazy though so often access to one thing will give you access to many. For stuff like this breach they'll likely get nothing from most boxes but since they can likely rip through hundreds an hour, they will.

    As usual, you don't need to be completely protected, just slightly more secure than the next guy.
    ...

  27. #27
    Banned
    Join Date
    Dec 2012
    Posts
    6,505
    Tuconots
    -51
    Reminds me of a local bank where the ATMs used to have monitors over them. At night, they would regularly display a Windows "shutting down" screen, which was already pretty unprofessional. One night there was TeamViewer on the monitor, displaying the code that needed to be entered to access that computer. I couldn't believe it. Shortly after that, they just got rid of the monitors.

  28. #28
    Registered User Stave's Avatar
    Join Date
    Dec 2012
    Posts
    1,013
    Tuconots
    0
    I dodged a bullet on this one. No attempts at any breach on my computer. I wonder if they actually have the username/password for the people that got hacked, or if they just have some way to bypass login to get into people's accounts. Anyone know?

  29. #29
    Former Zombie suineg's Avatar
    Join Date
    Dec 2012
    Location
    Parents house
    Posts
    13,602
    Tuconots
    -23
    Quote Originally Posted by Stave View Post
    I dodged a bullet on this one. No attempts at any breach on my computer. I wonder if they actually have the username/password for the people that got hacked, or if they just have some way to bypass login to get into people's accounts. Anyone know?
    I am reading all over the place that 2FA doesn't stop them which means more than just user/pass.
    oderint dum metuant

  30. #30
    Hard Truths Cut Both Ways AladainAF's Avatar
    Join Date
    Dec 2012
    Posts
    2,536
    Tuconots
    18
    Quote Originally Posted by suineg View Post
    I am reading all over the place that 2FA doesn't stop them which means more than just user/pass.
    That's what makes TV's comments about the matter bunk. If people are getting into accounts with 2FA protection, it's on TV, its not just username/password carelessness.

  31. #31
    Registered User spronk's Avatar
    Join Date
    Dec 2012
    Posts
    6,926
    Tuconots
    114
    i uninstalled TV on all my family PCs including parents and siblings after I heard about this a few days ago and installed Chrome Remote Desktop instead. Turns out to work a little bit better for remote tech support anyways, while you have to be logged into chrome on the same account on both PCs (but you can have new windows with a diff login so no big deal) it seems just as good and has some stuff that actually works better for me, like alt-tab switches on your host PC instead of the remote PC and its not got little shitty windows all over the place while you are remoted in.

    RIP Teamviewer

  32. #32
    Registered User Borzak's Avatar
    Join Date
    Dec 2012
    Posts
    8,603
    Tuconots
    26
    MySpace was in the news this week for being hacked. I think the news is that MySpace was still around and worth hacking?

    http://www.refinery29.com/2016/06/112737/myspace-hack

  33. #33
    The Retarder lendarios's Avatar
    Join Date
    Dec 2012
    Location
    Miami, FL
    Posts
    3,097
    Tuconots
    -7000001
    Quote Originally Posted by sadris View Post
    The fact that I can connect without being prompted for a password?
    In my case you need a password to connect to the pc. Hopefully we get more info soon. Lucky my pc has been off for the better rlpart of the last 2 weeks due to moving. I also enabled 2fa. Hopefully it helps.

  34. #34
    Registered User Unidin's Avatar
    Join Date
    Dec 2012
    Location
    Seattle, WA
    Posts
    261
    Tuconots
    11
    Quote Originally Posted by Borzak View Post
    MySpace was in the news this week for being hacked. I think the news is that MySpace was still around and worth hacking?

    http://www.refinery29.com/2016/06/112737/myspace-hack
    People are lazy and reuse passwords. Hack myspace, go to gmail check password. Go from there to reset everything else they use.

  35. #35
    Registered Dragonlord Deathwing's Avatar
    Join Date
    Dec 2012
    Posts
    6,564
    Tuconots
    31
    This is why people need a password vault. I think we've discussed the typical setup in a different sub forum, but it might be worth repeating here. Once you do the initial setup and change all your passwords, it's really not that much less inconvenient than storing your passwords in a web browser.

  36. #36
    The Retarder lendarios's Avatar
    Join Date
    Dec 2012
    Location
    Miami, FL
    Posts
    3,097
    Tuconots
    -7000001
    Quote Originally Posted by Skanda View Post
    You don't even need the Windows Password. From what that Reddit thread was saying these hackers are installing a program called Webbrowserpassview which will pull your saved passwords right out of whatever browser you have.
    this was confirmed on my logs.

    lovely.

  37. #37
    Registered User Koushirou's Avatar
    Join Date
    Dec 2012
    Location
    Henrietta, NY
    Posts
    346
    Tuconots
    8
    Luckily my BF found this on reddit and just happened to tell me about it (he didn't really know what TV was). I had TV installed on all the computers for my family business so they could check stuff across stores and so I could remote in to do fixes and maintenance since I live in another state. None of the employees noticed any Tv screens when they came into work the next morning thankfully and my father checked all our bank accounts and they looked fine. Could have been bad for sure, though.

  38. #38
    Registered User lost's Avatar
    Join Date
    Dec 2012
    Location
    813
    Posts
    819
    Tuconots
    8
    Yeah I use this too, but my pws for teamviewer and my computer list(tv account) are different (figured incase this happened) than my usual pws.. havent seen any unusual charges, was home friday.

  39. #39
    The Retarder lendarios's Avatar
    Join Date
    Dec 2012
    Location
    Miami, FL
    Posts
    3,097
    Tuconots
    -7000001
    Quote Originally Posted by Koushirou View Post
    Luckily my BF found this on reddit and just happened to tell me about it (he didn't really know what TV was). I had TV installed on all the computers for my family business so they could check stuff across stores and so I could remote in to do fixes and maintenance since I live in another state. None of the employees noticed any Tv screens when they came into work the next morning thankfully and my father checked all our bank accounts and they looked fine. Could have been bad for sure, though.
    wait.. are you a girl?

  40. #40
    sa da tay! radditsu's Avatar
    Join Date
    Dec 2012
    Location
    The Farm
    Posts
    3,333
    Tuconots
    48
    Quote Originally Posted by lendarios View Post
    wait.. are you a girl?
    dont be so gender binary you fucking shitlord. check your privilege.

  41. #41
    Registered User
    Join Date
    Dec 2012
    Posts
    5,504
    Tuconots
    -1
    on the plus side, chrome remote works nice.

  42. #42
    Registered User
    Join Date
    Dec 2012
    Posts
    417
    Tuconots
    1
    I prefer Splashtop myself

  43. #43
    Registered User
    Join Date
    Dec 2012
    Posts
    3,849
    Tuconots
    12
    Been using LogmeIn for a couple years now. They got rid of their free options a while back, but I just paid the $100 for a year, as it's great. Then again, if you were trying to do Tech support on your entire family, it'd get pricey, but I only had 2 computers to use it on.

  44. #44
    Former Zombie suineg's Avatar
    Join Date
    Dec 2012
    Location
    Parents house
    Posts
    13,602
    Tuconots
    -23
    If you are looking for a free solution out there look into Guacamole. It takes some effort to get up and running but you can be a troubleshooting fool when done.
    oderint dum metuant

  45. #45
    Delicious Noodles Noodleface's Avatar
    Join Date
    Dec 2012
    Location
    MA
    Posts
    19,187
    Tuconots
    63
    I've never trusted TV/VNC apps, I always use remote desktop.
    Noodleface#1412 - <Rerolled> US-Hyjal Horde - Noodleface

    Follow me on Twitch! - Streaming Rerolled minivan dad raids Friday nights 9PM EST and Saturday mornings 11AM EST!

  46. #46
    Registered Dragonlord Deathwing's Avatar
    Join Date
    Dec 2012
    Posts
    6,564
    Tuconots
    31
    This is why I SSH everywhere. 80 character width is all you need.

  47. #47
    Megistered Jooserockey Eomer's Avatar
    Join Date
    Dec 2012
    Location
    Alberta
    Posts
    5,214
    Tuconots
    25
    Quote Originally Posted by Deathwing View Post
    This is why people need a password vault. I think we've discussed the typical setup in a different sub forum, but it might be worth repeating here. Once you do the initial setup and change all your passwords, it's really not that much less inconvenient than storing your passwords in a web browser.
    Which do you recommend? Been meaning to set one up for years. It's actually shocking that I've never been hacked, as my password game is incredibly week. I basically use the same couple passwords on damn near everything.

  48. #48
    The Retarder lendarios's Avatar
    Join Date
    Dec 2012
    Location
    Miami, FL
    Posts
    3,097
    Tuconots
    -7000001
    last pass is not bad.

  49. #49
    Lurker Rehab Denamian's Avatar
    Join Date
    Dec 2012
    Posts
    646
    Tuconots
    3
    I use KeePass and keep a copy of the file in my dropbox. It's free and works well enough that I don't bother looking for a simpler solution.

  50. #50
    Registered Dragonlord Deathwing's Avatar
    Join Date
    Dec 2012
    Posts
    6,564
    Tuconots
    31
    Quote Originally Posted by Eomer View Post
    Which do you recommend? Been meaning to set one up for years. It's actually shocking that I've never been hacked, as my password game is incredibly week. I basically use the same couple passwords on damn near everything.
    I use KeePass. I think password vaults have been discussed in the tech subforum but should probably repeat this elsewhere.

    Like Denamiam, I store my vault on a cloud drive. Yes, someone could hack your Dropbox or Google Drive or whatever and get your passwords but there's a few things you can do to make this almost impossible even if they get your vault.

    Make the password to your vault really long. Like the intro paragraph to Star Wars. Something easier to remember than pUm4&screw!driver and harder for someone to brute force. Yes, you have to remember ANOTHER password but now you can forget all the passwords to websites and such. Use the password vault to generate really long random passwords then use it to logon to websites for you.

    Force the password to your vault to go through X amount of transforms before allowing entry. This is essentially a delay on how often someone can enter a password and it's what makes brute forcing your vault almost impossible. It's measured in the equivalent cpu cycles for your computer would equal X seconds.

    Use a key file. This is essentially a second password that's cryptographically stronger than any password you could remember. Store it on a usb drive somewhere then lock it up. Only manually put the key file on devices you want to use your vault.

    If you want details on how to set all these up, I can look into it more. It's my setup, so I know it's all possible. It sounds like a lot, but really it's only inconvenience is that you have to open KeePass, wait ~5 seconds, then you can it automatically go to a website and enter your username and password. It's worth it for making 32 character unique passwords for all your websites.

  51. #51
    Him Void's Avatar
    Join Date
    Dec 2012
    Posts
    4,618
    Tuconots
    64
    Quote Originally Posted by Denamian View Post
    I use KeePass and keep a copy of the file in my dropbox. It's free and works well enough that I don't bother looking for a simpler solution.
    That's exactly what I do. With Dropbox on my phone as well, I always have access to my passwords if I need it.

  52. #52
    Registered User
    Join Date
    Dec 2012
    Posts
    5,504
    Tuconots
    -1
    anything wrong w/ just using lastpass (premium so it works on mobile too)?

  53. #53
    Registered Dragonlord Deathwing's Avatar
    Join Date
    Dec 2012
    Posts
    6,564
    Tuconots
    31
    I don't have much experience with lastpass, but from a security standpoint, it looks pretty similar to keepass. I don't know how the synchronization is done, there could be a security flaw there, but probably only if it's done through some centralized lastpass servers.

  54. #54
    Registered User Kedwyn's Avatar
    Join Date
    Dec 2012
    Posts
    3,767
    Tuconots
    15
    Quote Originally Posted by lanx View Post
    anything wrong w/ just using lastpass (premium so it works on mobile too)?
    That is what I use. Love it

  55. #55
    The King of Beers Araxen's Avatar
    Join Date
    Dec 2012
    Posts
    4,195
    Tuconots
    18
    I use lastpass w/premium and it's great.
    PSN: Araxen, Xbox Live: Araxen II, WiiU: Araxen, Steam: Araxen

  56. #56
    Registered User
    Join Date
    Dec 2012
    Posts
    5,504
    Tuconots
    -1
    For any of you cheapo's you can get 6months free lastpass w/ a .edu email
    LastPass - LastPass <3's Students

  57. #57
    Registered User
    Join Date
    Dec 2012
    Posts
    3,849
    Tuconots
    12
    I think I have a TV account, but don't use it. Just got an email about an account login confirmation. It's all in Chinese and the sign in is from Beijing. Since I don't use it and it's not running on my computer, I should be ok, right?

  58. #58
    The Retarder lendarios's Avatar
    Join Date
    Dec 2012
    Location
    Miami, FL
    Posts
    3,097
    Tuconots
    -7000001
    Log in and enable two factor authentication.

  59. #59
    Registered User Dandai's Avatar
    Join Date
    Dec 2012
    Posts
    2,887
    Tuconots
    16
    Thanks for the heads up on this. I uninstalled TV on all my machines.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •