5

I have been doing business with someone on Fiverr. The person's help was really good, but I have concerns that they could potentially hack through TeamViewer. I never leave sight of my PC and I follow every click that is made with the mouse.

However, is there a way that someone can hack without my knowledge? Is there a way for them to control my mouse on their end and make it appear as if my mouse pointer isn't moving on my end?

I make sure to completely log off and lock my PC after each session, however I am not sure how to check if my PC has been hacked without my knowledge.

S.L. Barth
  • 5,486
  • 8
  • 38
  • 47
user249240
  • 63
  • 1
  • 1
  • 3

3 Answers3

9

TeamViewer has three built-in functionalities to let user access to remote computer. They are Remote Control, File Transfer and VPN (if driver is available). None of these functions have hidden mode and again none of them lets remote user view or manage your computer without you noticing it. I see three possible attacks here:

  1. If required drivers are all installed (remote user can install that too) he can disable your screen and lock your keyboard to do dirty things without you seeing it but not without noticing it. All you have to do is plug out your network cable or power cord, that will stop him.
  2. Remote user can connect your computer with File Transfer function. However when the connection is established, you will see a pop-up window that lets you see what remote user viewing, copying or deleting. If you are not careful he can install malware or change your teamviewer files with evil ones.
  3. If TeamViewer VPN driver is installed and active, remote user can get in to your home network via using your computer as a bridge. If your network devices have default or weak passwords, attacker can change your DNS addresses (or worse, forward all traffic to its own network) to get and alter your DNS requests. He can use this technique to redirect you a phishing website and steal your information.

All of these techniques are useless if you are careful enough. First and second technique cannot be accomplished without you noticing it. If you haven't installed VPN driver for TeamViewer (that can disabled from your network and sharing center) there is nothing to worry about with the third one too.

If you are careful enough, no one can hack you with TeamViewer.

Batuhan
  • 672
  • 4
  • 17
2

Generally it is a good idea to keep to the latest version of a software. A quick search on the exploit database reveals several vulnerabilities for team viewer, including a dll injection exploit that allows an attacker to override or ignore the permissions of your server with his client with team viewer version 13.

I am not sure if both client and server have to use version 13 or if it is enough for the attacker to be using that version.

Either way it is a good idea to only give your access information to people you trust. Even if there weren't such an exploit in the software itself, some expert could easily do something you don't understand with some powershell script running on your computer while opening a session in the background, or install some vulnerable service that he says you need or whatever.

All that's needed is to open a prompt, pasting whatever exploit/payload and then hitting enter and closing/minimizing the CLI and disguise it as some normal workflow.

Generally speaking you should be safe if you pay a trusted and reputable company to fix your problem. Keep your software updated and don't give anyone the data they need to access your machine. Or in other words have the brain.exe service always running.

FalcoGer
  • 402
  • 3
  • 9
0

I've come across teamviewer being used maliciously in socially engineering old and vulnerable people. Typically, they're asked to install teamviewer for a support issue, then to bring up the on-screen keyboard in windows, which the attacker then uses to record any passwords...

D0gfather
  • 71
  • 4