Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Detecting security on TeamViewer allows hackers to steal the system password remotely
Recently, the TeamViewer remote control / connection software development team released an unscheduled update to patch a serious security vulnerability. If exploited, this vulnerability, codenamed CVE 2020-13699, allows hackers to remotely steal your computer's system password and then infiltrate it to perform malicious actions.
More worryingly, this attack can be performed almost automatically, without much need for victim interaction. Hackers only need to trick their victim into clicking on a link containing the malicious code once to complete the attack.
Users should promptly update TeamViewer to the latest version to avoid security risks TeamViewer is the most popular remote computer connection / control software in the world today. It allows the user to control someone else's computer or vice versa over the Internet, regardless of physical distance.
The CVE 2020-13699 vulnerability was discovered by researcher Jeffrey Hofmann. According to TeamViewer, the problem lies in how they cite their custom URL handlers, allowing hackers to redirect NTLM authentication requests to their systems.
In a nutshell, a hacker can use TeamViewer's URL scheme from a website to trick applications on the victim's system into establishing a connection to their remote SMB shareware. This process triggers an SMB authentication attack, which leaks the system's credentials to help hackers take control of the system or steal victim's data.
To exploit CVE 2020-13699, hacker will have to embed an iframe containing malicious code in a website and then trick the victim into accessing the URL of that website. After the victim clicks the URL, TeamViewer will automatically launch the malicious application on the victim's Windows computer and open the remote SMB share.
Next, the victim's Windows operating system will perform NTLM authentication when opening the SMB share and that request can be forwarded to execute the data, password stealing code.
To avoid being affected, TeamViewer recommends that users upgrade immediately to version 15.8.3. Previously, both Google Chrome, Zoom and Signal had been under an SMB authentication attack.
Jessica TannerYou should read it
- Instructions for installing and using Teamviewer
- How to download the latest Teamviewer 14 for new users
- How to use Teamviewer without installation
- How to Use TeamViewer
- TeamViewer 15.1.5: Supporting software, free remote access
- Update Teamviewer now if you don't want to be hacked
- How to install and use TeamViewer on Linux
- Set a password for Teamviewer - Set a password for Teamviewer
May be interested
- Update Teamviewer now if you don't want to be hacked
teamviewer has released an emergency patch that allows hackers to take control of the computer when they are in the remote control session. - Instructions for remote USB access using TeamViewerwith teamviewer software, you can remotely control a computer to view files, run programs, troubleshoot problems, and access data from a usb device attached to a pc. the software also allows file transfers between devices, providing flexibility and efficiency when working or studying remotely.
- Microsoft has a group of 'elite' hackers that specialize in attacking Windows to keep the operating system safetheir mission is to attack to find security holes on windows, report to microsoft to research and release patches before the crook takes advantage of them for bad purposes.
- Detecting vulnerabilities in Snapdragon chips allows hackers to penetrate nearly every Android smartphone via wifisecurity researchers have discovered two separate holes on the snapdragon chip that allow hackers to simply connect to the same wi-fi network with their phones or other technology items running the android operating system. occupy device access.
- Detecting a Thunderbolt flaw allows a hacker to steal system data for 5 minutesrecently, international security researcher bjorn ruytenberg unexpectedly discovered a vulnerability called 'thunderspy' that exists in thunderbolt ports, allowing hackers to easily steal data.
- A serious security error appeared on Android that allowed hackers to control smartphones through a photoa serious security hole on the android operating system has just been discovered, which can help hackers run malicious code and control smartphones remotely by displaying a png image file (portable network graphic).
- How to set a fixed password on Teamviewerwhen setting a fixed password on teamviewer, users will easily access by entering the id and password.
- TeamViewer is attacked by Chinese hackers, any computer logged in can be controlledteamviewer - a remote control tool used by a lot of people, has been hacked by chinese hackers.
- Check the security of the passwordin the face of so many security vendors announcing that hackers now hold a large number of users' accounts, microsoft programmers have developed a predictable project. get a password so that users can see if their password is easy to guess.
- Detect 2 serious security holes in the Zoom applicationrecently, cisco talos security researchers have discovered two serious security holes in the zoom application. these vulnerabilities allow hackers to attack and infiltrate the computers of people in the group chat.
Hola VPN review: Free, but with a lot of security risks
Can the router be infected with a virus?
What is a Replay Attack?
Difference between Tor and VPN
What is PPTP (Point-to-Point Tunneling Protocol)?
Instructions for installing and using Authy