Anydesk Computer



Why do I have a program on my computer I don't know about it is anydesk, also how can I get rid of it. Please help me This thread is locked. You can follow the question or vote as helpful, but you cannot reply to this thread.

Scammers mixed together a malicious cocktail of social engineering, SIM-swapping, and remote desktop software to empty the bank accounts of at least three victims.

Anydesk Computer App

AnyDesk is the world's fastest most comfortable remote desktop application. Access all your programs, documents and files from anywhere, without having to entrust your data to a cloud service. AnyDesk needs to be installed or with the portable version open on a Windows online computer to allow remote access. Under these conditions, simply ask the host for the identifying number on the left side of the screen, enter this number in the “Other desktop” field and click “Connect”.

In total, victims lost more than $350,000. They were likely swindled by the same individuals since the modus operandi and some details were the same in all three cases.

Remote access to sensitive info

The scams happened over the summer in Budapest and started with the ruse of a well-located apartment offered for sale below the market value.

Enticed by the offer, the victims showed their interest and responded to the ad, learning that the lower price was because the owner, who was living abroad, needed money urgently.

A “relative” of the owner acted as an intermediary for the transaction and promised potential victims more pictures of the property than shown in the original online ad, along with a video.

In two cases, the scammer convinced the victims to install AnyDesk remote desktop application to transfer the pictures and videos, Hungarian publication 24 reports.

Since AnyDesk is legitimate software, and the victims downloaded it directly from the developer’s website, there was no reason to suspect foul play.

The fraudster maintained access to the victim computer even after transferring the files and could search for sensitive info (documents, passwords, personal details) that would help them further in their scheme.

The goal was to log into the victim’s bank account and steal available funds; but with two-factor authentication (2FA) turned on, they also needed access to incoming messages on the mobile phone.

Connection lost

So they ran a SIM-swap scam, essentially tricking mobile service provider employees into activating a new SIM card with the victim’s phone number. At this point, the original SIM card becomes inactive and loses connection to the network.

At the same time, the fraudster’s new SIM gets all the victim’s calls and messages, including the 2FA code for logging into the bank account.

In at least one instance, the scammers converted the money to cryptocurrency, to make it more difficult to track.

With access to the victim's SMS and with online banking credentials in hand, the scammer could access the victim's bank account and drain it as if they were the legitimate owner.

Another way would be to log into the banking account using the remote connection to the victim's computer, provided it's turned on.

The SIM-swap scam has been rampant over the past years, causing victims across the world and millions of US dollars in losses. If fraudsters can’t bypass the security implemented by the mobile service provider, they often pay employees to replace the cards.

With so many services, banks included, still checking the authenticity of a login through SMS verification, it is easy to see why SIM-swapping wreaked havoc lately.

Related Articles:

Security Tab in Settings

See also: Security Settings

AnyDesk provides the solution to agree upon an unattended password, so that the remote client doesn't need to be present to accept a request to enter a session.

Note: AnyDesk also connects to the Lock Screen or Login Screen prior entering the windows session, when either is installed or runs as Administrator / is elevated.

The default setting (no password set in the security options) will not allow unattended connections to your computer. Connection requests must be accepted from the physical console of the client being controlled.In the Main Window, open the Menu and click Settings. Switch to the Security Tab:

Anydesk Laptop

Before changing your Security Settings, you have to confirm administrative privileges. Click Unlock Security Settings, confirm the UAC-prompt and continue in the appearing Admin settings window. All settings can now be modified.

  • Enable unattended access
  • Allow other computers to save login information for this computer.

In the Admin Settings window, a password for unattended access can be set, as well as the option to store a token for each remote client that you entered a password to.This token will enable the remote client to have his requests accepted automatically without the need of typing the unattended access password for subsequent sessions:

Note: If the option to allow other computers to save the login information (via the access token) is not set, remote users always have to type the password manually.The option to 'Login automatically from now on' will be disabled on the remote side.

Exclusive unattended access

The Accept Window is not displayed in this mode. Set interactive access to disabled and use unattended access only to establish the session. Further limit access to the device by listing your devices in the Whitelist (See ACL)The access control list is a Whitelist that allows for exclusive access for specified IDs. This secures, that only devices that have been specified are allowed to make a session request at all. In this configurationnot even the accept window would show up if the connecting device is not on the list. 3rd party devices cannot request sessions and even if your password is compromised, only devices from your whitelist may access.

Caution:

The password should be very secure.Anyone knowing the password and your AnyDesk ID has full access to your computer.A password which exceeds at least 12 characters is highly recommended.AnyDesk also supports two-factor authentication for best security.Always double-check when a third party contacts you and demands your AnyDesk Address.We (AnyDesk Software) will never ask for your ID or password and legitimate companies will never contact you without you having initiated the communication first.In case you are seeking the help of a pc repair service, please make sure you know the vendor.We are planning a feature that will allow companies and individuals to obtain a signed certificate to prove their identity.

Automatic Login

Password Authorization for Unattended Access

After requesting session, the password dialog appears.

Check Login automatically from now on and enter the password. You will not be asked to enter this password in subequent session requests for this client.

  • This feature will only work if the other client has this feature enabled!
  • The Tokens substitute the password and are stored encrypted on both client sides. You can clear the Tokens List by clicking: Clear all Tokens Other clients who could connect automatically will now be asked to type the unattended password again.
  • Remember to also change your password since users who stored your password will still have access.
Computer

Security Considerations

  • This feature does not save the password itself. Instead, the remote machine generates a specific token. This token can only be used by an authorized client. A client can only get authorization if the correct password was entered there once.
  • There is no way to get access to your password in clear text, even if someone should get full access to a client which has enabled the feature.
  • You can revoke the permission to connect to a desktop at any time in the security tab by either disabling unattended access or resetting the tokens.
  • Changing the password to the same password will also invalidate all tokens. This is useful if you entered a password on another client, but this client does not know the password itself.
  • You can disable the feature to allow login information (the password) by unticking the Checkbox. Already existing tokens will remain in this case, but no new tokens can be accepted.




Comments are closed.