IPVMU Certified | 05/24/16 02:34pm
Thank you for the information, time to go through the accounts again and change passwords. For those in the articles above it seems as though the hackers were looking to place orders using the account information that they have saved in their browsers, another example of why L/P shouldn't be auto saved.
Pro Focus LLC | 05/25/16 11:53am
Don't you still need the CVV2 code to make a purchase at most retailers? I know Amazon may be an exception to that, but most online stores do require it.
IPVMU Certified | 05/25/16 02:23pm
If there is any chance that your machine has been accessed don't change passwords on that machine as the hackers could well have installed a keylogger type app that reports all keystrokes back to them. The only safe way is to wipe the machine & reinstall everything. Not very palatable but there are no tools that can guarantee all malware has been removed.
Looks like more issues with Teamviewer
A little old (v7) but an in-depth analysis of Teamviewer's authentication protocol:
There are a few attack vectors that he specifically mentions. Hopefully they were patch in versions 7,8,9,10,11.
From Krebs, reporting that an American pizza chain, Cici's was impacted by team viewer hacks:
All of these attacks have been traced to social engineering/Team Viewer breaches because stores from SEVERAL POS vendors let supposed techs in to conduct ‘support
Pro Focus LLC | 06/26/16 07:40pm
I hope this isn't too off topic, but Splashtop recently added two factor authentication and this makes them a better candidate as an alternative to LMI/TeamViewer/etc.
My Teamviewer got hacked a couple months ago and $400USD was sent out via paypal.
I caught them in the act and disabled their sessions keyboard and mouse activity whilst I took photos.
I emailed my logs to teamviewer and they told me that it was my account that was logged, so I thought they just guessed my password.
So anyone running teamviewer on their home pc, make sure that 2FA is setup for emails and/or any money sending website (paypal etc...) and don't save passwords for the important sites...