A .NET malware abusing legitimate ffmpeg

Use TeamViewer? Fix this dangerous permissions bug with an update

TeamViewer, the remote control/web conference program used to share files and desktops,  is suffering from a case of “patch it now.” Issued yesterday, the fix addresses an issue where one user can gain control of another’s PC without permission.

Windows, Mac, and LinuxOS are all apparently affected by this bug, which was first revealed over on Reddit. According to TeamViewer, the Windows patch is already out, with Mac and Linux to follow on soon. It’s definitely worth updating, as there are shenanigans to be had whether acting as client or server:

As the Server: Enables extra menu item options on the right side pop-up menu. Most useful so far to enable the “switch sides” feature, which is normally only active after you have already authenticated control with the client, and initiated a change of control/sides.

As the Client: Allows for control of mouse with disregard to server’s current control settings and permissions.

This is all done via an injectible C++ DLL. The file, injected into TeamViewer.exe, then allows the presenter or the viewer to take full control.

It’s worth noting that even if you have automatic updates set, it might take between three to seven days for the patch to be applied.

Many tech support scammers make use of programs such as TeamViewer, but with this new technique they wouldn’t have to first trick the victim into handing over control. While in theory a victim should know immediately if a scammer has gained unauthorised control over their system and kill off the session straight away, in practice it doesn’t always pan out like that.

TeamViewer has had other problems in the past, including being used as a way to distribute ransomware, denying being hacked after bank accounts were drained, and even being temporarily blocked by a UK ISP. Controversies aside, you should perhaps consider uninstalling the program until the relevant patch for your operating system is ready to install. This could prove to be a major headache for the unwary until the problem is fully solved.

ABOUT THE AUTHOR