KnowBe4 - Are Bad Guys Swapping TeamViewer For AnyDesk to install Blackheart Ransomware?
According to Trend Micro researchers a new ransomware strain called Blackheart drops its payload alongside the perfectly legitimate AnyDesk remote desktop tool, highly likely as a way to evade detection.
This isn’t the first time that a malware abused a similar tool. TeamViewer, a tool with more than 200 million users, was abused as by a previous ransomware that used the victim’s connections as a distribution method.
Trend Micro researchers are guessing that cyber offenders are likely testing with AnyDesk as an alternative to TeamViewer, a similar tool that has previously been abused by ransomware.
from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/are-bad-guys-swapping-teamviewer-for-anydesk-to-install-blackheart-ransomware