APT Group Attacks TeamViewer IT Corporate Network

Updated on 27/06/2024

TeamViewer's security team detected an irregularity in its corporate IT environment on 26th June and immediately activated their response team and procedures to initiate an investigation, a team of external professionals joined the effort.

The attack is attributed to the APT29 group, also known as Midnight Blizzard. This actor obtained the login credentials of one of TeamViewer's employees with access to the internal IT environment, but was quickly detected and isolated by the response teams.  

TeamViewer's internal IT environment is completely separate from the production environment used by its customers, so it is ruled out that customer data was affected. It also has a segregated architecture, preventing unauthorized access to other corporate resources.