May 23, 2016. A recent article warns, “TeamViewer users have had their bank accounts emptied by hackers gaining full-system access”. TeamViewer is appalled by any criminal activity; however, the source of the problem, according to our research, is careless use, not a potential security breach on TeamViewer’s side. Therefore TeamViewer underscores the following aspects:
  1. Neither was TeamViewer hacked nor is there a security hole
  2. TeamViewer is safe to use and has proper security measures in place
  3. Our evidence points to careless use as the cause of the reported issue
  4. A few easy steps will help prevent potential abuse
Ad 1.) As always when we receive alerts about potential security alerts, we look at the issue at hand. This is what we have done in this case: There is no evidence to suggest that TeamViewer has been hacked. Neither do we have any information that would suggest that there is a security hole in TeamViewer. Therefore it it is important to stress there are no TeamViewer hackers, but rather data thieves that will steal information from other sources. It is critical to make sure attention is not diverted from the real issue.
Ad 2.) TeamViewer is safe to use, because TeamViewer has proper security measures in place including end-to-end encryption to prevent man-in-the-middle attacks, anti-brute-force means, and more. Additional information about TeamViewer’s security is available at: https://www.teamviewer.com/docs/en/TeamViewer-Security-Statement-en.pdf
Ad 3.) Unfortunately, users are still using the same password across multiple user accounts with various suppliers. While many suppliers have proper security means in place, others are vulnerable. The latter ones tend to be targeted by professional data thieves. As TeamViewer is a widely spread software, many online criminals attempt to log in with the data gained from compromised accounts (obtained via the aforementioned vulnerable sources), in order to discover whether there is a corresponding TeamViewer account with the same credentials.
Storing or caching of account credentials in your browser is yet another example of careless use. The security means to protect such sensitive data do not suffice to guarantee an acceptable level of security. Additionally, cybercriminals may use certain tools to identify and visualize sensitive data in the browser.
Ad 4.) TeamViewer encourages users to …
  1. … create different passwords for each account
  2. … not share your passwords.
  3. … change passwords regularly.
  4. … not use personally identifiable information for passwords.
  5. … use two factor authentication: https://www.teamviewer.com/en/help/402-How-do-I-activate-deactivate-two-factor-authentication-for-my-TeamViewer-account.aspx
  6. … use password safes.
The TeamViewer support team is happy to answer any potential technical issues or queries at: 
https://www.teamviewer.com/en/support/contact/submit-a-ticket/
TeamViewer recommends that users who have been the victim of criminal activities get in touch with their local police departments, in order to report their case. This is particularly important because TeamViewer is subject to very strict data protection and privacy regulations, and can release sensitive data only to authorized individuals and authorities.