LockBit 3.0 virus takes advantage of TeamViewer to encrypt data
03:50:00 | 15-04-2024

TeamViewer is a legitimate, commonly used remote access tool. However, hackers can take advantage of this tool to access devices in the system, install data encryption viruses, malware... by exploiting users' leaked login information. user.

Recently, Bkav received requests for support from a number of businesses whose entire data was encrypted by a virus. The cause of the incident was because the TeamViewer software on this business's shared computer had the default password set. Hackers collected and remotely logged directly into the computer (remote), installed the infamous LockBit encryption virus right on the desktop and executed malicious code. All business data is encrypted, production and business activities are stagnant, hackers demand a large sum of money to restore data...

According to Bkav experts, users' subjectivity and neglect of security are still "deadly points" leading to loss of system security. “ Employees within organizations and businesses are often caught off guard when using TeamViewer. For example, they set IDs and passwords to match many different software and applications on shared computers, or send TeamViewer account information to each other through many chat channels, emails... and accidentally reveal it ," Mr. Nguyen Tien Dat said. , General Director of Bkav's Malware Research Center (AntiMalware), said.

Experts recommend that users be careful in sharing IDs and passwords via email and social networks, do not set weak default passwords, and do not let TeamViewer mode start with the computer because then the ID and Password remains unchanged.