"Ransomware Actor Uses TeamViewer to Gain Initial Access to Networks"

Attackers have used TeamViewer quite frequently to gain initial access to target systems. Organizations use TeamViewer to provide remote support, collaboration, and access to endpoint devices. Huntress researchers recently observed two attempted ransomware deployment incidents that involved TeamViewer. The attacks targeted two different endpoint devices belonging to Huntress customers. Both incidents involved failed attempts to install what appeared to be ransomware created using a leaked LockBit 3.0 builder. This article continues to discuss attackers' use of TeamViewer to infiltrate victim environments.

Dark Reading reports "Ransomware Actor Uses TeamViewer to Gain Initial Access to Networks"

Submitted by grigby1

Submitted by Gregory Rigby on