German remote desktop software maker AnyDesk disclosed a security breach that impacted its production systems.
AnyDesk said in a press release that the incident is not related to ransomware.
Following the incident, the company revoked all security-related certificates and remediated or replaced systems where necessary. It is also working to replace the previous code-signing certificate for its binaries.
“Our systems are designed not to store private keys, security tokens or passwords that could be exploited to connect to end user devices. As a precaution, we are revoking all passwords to our web portal, my.anydesk.com, and we recommend that users change their passwords if the same credentials are used elsewhere,” the company said, adding that it has no evidence that any end-user devices have been affected.
While the company didn’t mention whether data was stolen in the incident, BleepingComputer reported that the intruders made off with source code and code-signing certificates.
When asked about the hack, AnyDesk said its software is designed so that session authentication tokens cannot be stolen. The tokens exist only on the end user’s device and are associated with the device’s fingerprint.
“These tokens never touch our systems,” AnyDesk said. “We have no indication of session hijacking as to our knowledge this is not possible.”