« previous next »
Pages: [1]   Go Down

Author Topic: Avast detecting outdatet AnyDesk files as malicios?!?  (Read 1282 times)

0 Members and 1 Guest are viewing this topic.

Offline Tom610

  • Full Member
  • ***
  • Posts: 126
Avast detecting outdatet AnyDesk files as malicios?!?
« on: February 06, 2024, 02:26:11 PM »
I guess most of you already know: AnyDesk has been compromised.

What I would expect from an endpoint in this case is that it will detect such outdated files. I assume that the related certificat is part of any AnyDesk files and installation befor febuary 02.02.2024. So where is the problem in detection such anydesk installations?
This case kind of reminds me of the 3CX security issue where Avast was then able to detect the unsecure 3CX files...
Logged

Offline mchain

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5675
  • Spartan Warrior
Re: Avast detecting outdatet AnyDesk files as malicios?!?
« Reply #1 on: February 06, 2024, 09:02:57 PM »
Hello.

Here:  https://techcrunch.com/2024/02/05/remote-access-giant-anydesk-resets-passwords-and-revokes-certificates-after-hack/

and Here:  https://anydesk.com/en/public-statement

Appears as if AnyDesk was hacked and clients had their certificates and passwords reset by AnyDesk.  Access to their production servers was revoked and that is the only reported breach at this time.

It would appear client users may not have had their data compromised in this instance.  I would continue to monitor news updates for the next month or so to see if there are any changes in this hacking attack being reported.

They do have an email address you can contact in the second link posted above; you can post your concerns there.
Logged
Windows 10 Home 64-bit 22H2 Microsoft Windows Defender - Windows 11 Home 23H2 - Windows 11 Pro 23H2 Avast Premier Security version 24.4.6112 (build 24.4.9067.762) UI version 1.0.803

Offline Tom610

  • Full Member
  • ***
  • Posts: 126
Re: Avast detecting outdatet AnyDesk files as malicios?!?
« Reply #2 on: February 09, 2024, 02:07:09 PM »
Anydesk is, who would have guessed it(?), quite busy. So it is almost sensless trying to contact them...

My attempt here is more intended from a general perspective. If we recall that those security issue already have happend in the past (3CX for instance) and will occur in the future I'd say: A modern endpoint security solution needs to take account into this!
From my opinion this can be accomplished by at least 2 steps:
1. Manually by enableing Avast settings/policies setup some kind of file blacklist. With this at hand we can easily blacklist files or applications like anydesk if a security issue occurs. If this approche can also be made by specific folder names it would be a good addition.
2. Avast itself is able to react on security issues like that either bei using some kind of AI or be enableing it's support personal to do so.

Yes this is tough stuff but for situations like that it would be really helpfull....
Logged
Pages: [1]   Go Up
« previous next »