I woke up to the splash that says “thanks for playing fair,” since I use the free version. Only my brother and my dad are on my contacts list, and I help them with their issues. Brother is out of town, and dad only runs team viewer when I need him to, so both were offline.
Checked my bank account and 2 one-year amazon prime subs were bought. At the bottom of the contact list was some random jibberish from the last contact. Ran anti-crapware programs and went through the process of changing all the passwords on all the sites I care about and use still, but I thought I would let you all know that this is happening. Some of these Teamviewer hackers apparently don’t need you to be a contact anymore. My bank, Amazon, and Teamviewer have all been contacted. Waiting for Teamviewer’s response to my email on Monday since the phone line is closed on weekends.
Same here, hacked my teamviewer and got right into my open browser with Amazon Prime and went to town for over $1000 in gift cards sent to my own email. Again the browser was open. Stupid on my part, but I did have 20 minute lock windows screen but they got in right after I walked away at night.
There are A LOT of cases with similar issues in the past 1 week. Check other Reddit boards and TeamViewer Forums, they are lighting up with similar issues.
Just hit me too. 100usd gone. Contacted PayPal. They went all my contacts on teamviewer too, but they had nothing to take since they are just test servers.
Yeah when I looked at the order history, Amazon has prime membership gifts marked as non-refundable. I was a little worried I wasn’t going to get it back, but they worked with me. I should get it all back by Tuesday.
I too am impressed, and I hope Teamviewer acknowledges this and fixes it soon.
It was despite that. I had unattended access set up for my PC from my laptop, and I think that is what they are exploiting. My dad & brother I have them give me the random password since I’m usually on the phone with them anyways.
Yeah about that… just look at their twitter replies. It’s almost all denials that there is a breach. Looks like it’s been going on for a couple weeks and they’re just pretending it isn’t happening. Never again. Just spent 3 hours on the phone with bank/paypal/google/etc cancelling charges and what not. Zero trust in TeamViewer.
I still like TeamViewer as an RDP client because of all the additional features, but I’ve locked down TeamViewer to only accept incoming connections from LAN IPs, so now I’ll be using my home VPN to connect to my network and then directly control my PC.
There is no breech. Stop spreading FUD. Its weak security settings on your end. the default 1 time use password is 4 characters long, and there is no whitelist, meaning anyone with your IP can start trying to log in. On top of that, the default install does not have the 1TUP rotate on each try, so it stays the same, making a brute force really easy to pull off.
start with this. Did you ever change your master password from the breech last year? did you use the same password on the lastpass account that you had anywhere else?