Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Detecting security on TeamViewer allows hackers to steal the system password remotely
Recently, the TeamViewer remote control / connection software development team released an unscheduled update to patch a serious security vulnerability. If exploited, this vulnerability, codenamed CVE 2020-13699, allows hackers to remotely steal your computer's system password and then infiltrate it to perform malicious actions.
More worryingly, this attack can be performed almost automatically, without much need for victim interaction. Hackers only need to trick their victim into clicking on a link containing the malicious code once to complete the attack.
Detecting security holes on TeamViewer allows hackers to steal the system password remotely Picture 1 Users should promptly update TeamViewer to the latest version to avoid security risks TeamViewer is the most popular remote computer connection / control software in the world today. It allows the user to control someone else's computer or vice versa over the Internet, regardless of physical distance.
The CVE 2020-13699 vulnerability was discovered by researcher Jeffrey Hofmann. According to TeamViewer, the problem lies in how they cite their custom URL handlers, allowing hackers to redirect NTLM authentication requests to their systems.
In a nutshell, a hacker can use TeamViewer's URL scheme from a website to trick applications on the victim's system into establishing a connection to their remote SMB shareware. This process triggers an SMB authentication attack, which leaks the system's credentials to help hackers take control of the system or steal victim's data.
To exploit CVE 2020-13699, hacker will have to embed an iframe containing malicious code in a website and then trick the victim into accessing the URL of that website. After the victim clicks the URL, TeamViewer will automatically launch the malicious application on the victim's Windows computer and open the remote SMB share.
Next, the victim's Windows operating system will perform NTLM authentication when opening the SMB share and that request can be forwarded to execute the data, password stealing code.
To avoid being affected, TeamViewer recommends that users upgrade immediately to version 15.8.3. Previously, both Google Chrome, Zoom and Signal had been under an SMB authentication attack.
Jessica TannerYou should read it
- What is TeamViewer?
- Here's how to check if your TeamViewer account is hacked.
- Instructions for installing and using Teamviewer
- How to download the latest Teamviewer 14 for new users
- How to use Teamviewer without installation
- How to Use TeamViewer
- TeamViewer 15.1.5: Supporting software, free remote access
- Update Teamviewer now if you don't want to be hacked
- How to install and use TeamViewer on Linux
- Set a password for Teamviewer - Set a password for Teamviewer
- TeamViewer is attacked by Chinese hackers, any computer logged in can be controlled
- How to Install Teamviewer
Maybe you are interested
Serious vulnerability helps hackers attack Facebook accounts without the victim's actions
Are you a victim of the MOVEit breach?
Ransomware uses WinRAR to lock victim's data
Free Lorenz ransomware decryption tool helps victims recover stolen data
Android users easily become victims of AirTag tracking without even knowing it hay
A ransomware declared decommissioned and refunded the ransom to the victim
Hola VPN review: Free, but with a lot of security risks
Can the router be infected with a virus?
How to Track My Children's Phone without Them Knowing?
What is a Replay Attack?
Difference between Tor and VPN
What is PPTP (Point-to-Point Tunneling Protocol)?