Beware Of Fake AnyDesk Requests That Gives Remote Access To Hackers

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned recently of a sophisticated scam targeting computer users through fake AnyDesk requests.

This new threat exploits social engineering tactics to gain unauthorized access to victims’ devices, potentially leading to data theft and other malicious activities.

The scam involves attackers impersonating CERT-UA, sending connection requests via AnyDesk under the guise of conducting a “security audit to check the level of security.”

Google News

Security researchers at CERT-UA noted these fraudulent requests use the CERT-UA name and logo, along with an AnyDesk identifier that may vary but has been observed as “1518341498”.

Fake connection request (Source – CERT-UA)

Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free

Conditions needed for successful attack

For this attack to succeed, two critical conditions must be met:-

  1. The attacker must possess the victim’s AnyDesk ID.
  2. The AnyDesk software must be running on the target computer.

Security experts believe that attackers may have obtained AnyDesk IDs through previous compromises, possibly from other computers where remote access was once authorized.

In 2024, CERT-UA detected over 1,042 cyber incidents, with malicious code and intrusion efforts accounting for more than 75% of all events.

It’s important to note that CERT-UA does occasionally use remote access software, including AnyDesk, to assist in cybersecurity incident response. However, such actions are always pre-arranged through official communication channels.

Besides this, verifying the legitimacy of such requests through established channels is crucial in maintaining cybersecurity integrity.

To protect against these attacks, CERT-UA recommends the following measures:-

  1. Enable remote access software only for the duration of its intended use.
  2. Personally verify and agree upon any remote access work through established communication channels.
  3. Remain vigilant and report any suspicious activities to cyber defense units or CERT-UA immediately.

Integrating Application Security into Your CI/CD Workflows Using Jenkins & Jira -> Free Webinar

Tushar Subhra Dutta
Tushar Subhra Dutta
Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.