Subscribe to our newsletter and stay informed

Check out our list of top companies

Check out our carefully compiled lists of the most relevant and impactful companies within their fields.

Check out our list of top unicorns

Read and learn about the biggest companies that various countries have produced, how they made it, and what the future looks like for them.

TeamViewer Confirms Russian Cyber-Espionage Breach in Corporate IT Network

Renowned Cozy Bear hackers implicated in latest cybersecurity incident, according to TeamViewer
July 1, 2024

TeamViewer, the popular remote-desktop software provider, recently disclosed a breach in its corporate IT network, attributing the attack to Russian intelligence group Cozy Bear, also known as APT29 or Midnight Blizzard. The breach, which was detected last Wednesday, has been confirmed by external cybersecurity investigators to have originated from a compromised employee login.

Initially, TeamViewer reported an "irregularity" within its IT systems but provided minimal details. However, the latest investigation reveals that the sophisticated cyber-espionage group Cozy Bear infiltrated the network using the credentials of a standard employee account.

"Current findings of the investigation point to an attack on Wednesday, June 26, tied to credentials of a standard employee account within our corporate IT environment," TeamViewer stated. "Based on continuous security monitoring, our teams identified suspicious behavior of this account and immediately put incident response measures into action. Together with our external incident response support, we currently attribute this activity to the threat actor known as APT29 / Midnight Blizzard."

Cozy Bear, infamous for high-profile cyber-attacks, including the US Democratic National Committee breach in the 2010s and the recent compromise of Microsoft’s network, is known for its sophisticated and persistent espionage tactics. Their involvement in the TeamViewer incident has raised significant concerns within the cybersecurity community.

Despite the severity of the breach, TeamViewer assured users that the attack was confined to its non-production systems. "Based on current findings of the investigation, the attack was contained within the corporate IT environment, and there is no evidence that the threat actor gained access to our product environment or customer data," the company emphasized.

With over 600,000 customers worldwide relying on TeamViewer to remotely control and manage various devices, the potential implications of such a breach are alarming. However, TeamViewer's prompt response and ongoing investigation aim to mitigate any further risks and reassure their user base.

As cyber threats continue to evolve, this incident underscores the critical importance of robust cybersecurity measures and vigilant monitoring to protect sensitive information and infrastructure from advanced persistent threats like Cozy Bear.

More about:  |

Last related articles

chevron-down linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram