"Ransomware Actor Uses TeamViewer to Gain Initial Access to Networks"
"Ransomware Actor Uses TeamViewer to Gain Initial Access to Networks"
Attackers have used TeamViewer quite frequently to gain initial access to target systems. Organizations use TeamViewer to provide remote support, collaboration, and access to endpoint devices. Huntress researchers recently observed two attempted ransomware deployment incidents that involved TeamViewer. The attacks targeted two different endpoint devices belonging to Huntress customers. Both incidents involved failed attempts to install what appeared to be ransomware created using a leaked LockBit 3.0 builder.