Published on: June 1, 2016
Reports have been issued of TeamViewer being utilized by attackers to target bank accounts and other financial services. At this time, the extent of the exposure is unclear and the company has not confirmed the reports.
As an interim precaution, ISEA strongly suggests that TeamViewer users turn the service off entirely until further clarifications have been made, and/or revisit and tighten all network firewall or other ACL rules limiting access to the service as much as possible.
June 2nd Update:
Following a precautionary overnight network block on the TeamViewer service, the block has been automatically lifted at 8:00 am this morning (June 2nd). At this point, there is no further evidence to continue an active advisory and blocking of the service. The issue will be monitored by the ISEA team with the advice for users to continue auditing configurations for unauthorized changes.
At this time, we can return to standard operating procedure.