AnyDesk has emphasized the safety of all its remote monitoring software versions obtained from legitimate sources, as well as noted the lack of any evidence suggesting any customer data compromise following a cyberattack last week, which it said only affected relay servers in Spain and Portugal, according to The Record, a news site by cybersecurity firm Recorded Future.
With such servers not allowing user private key, password, and security token storage, any credential breach was only a "theoretical risk," said AnyDesk, which noted that forced password resets have only been done as a precautionary measure.
"Even to read credentials from these extremely limited connections, the attackers would have had to rewrite the very extensive code of our software in the very short time available, trick users into using a fake version of our software, and then have them enter their password. This seems unlikely, although not impossible," noted AnyDesk.
The ongoing distribution of malicious software or malware via its tool has also been dismissed by AnyDesk.