Update: A spokesperson told Digital Trends that there is still no evidence of any kind of breach at TeamViewer and the recent cases of users targeted by cybercriminals are most likely due to the reuse of passwords that ended up in a data dump or storing passwords in their browser.
Unsolicited Windows 10 updates have been a pain for many users, but they may be a blessing in disguise if you’re one of the people affected by the recent breach at TeamViewer.
The remote login and desktop sharing software was accused of being breached last week, with users reporting attackers taking over their machines remotely and even accessing bank and PayPal accounts. But according to one Reddit user, his computer was unintentionally saved midattack when a Windows 10 upgrade launched, kicking out the hacker.
“I was in the middle of being controlled but, fortunately, a Windows 10 upgrade suddenly started and kicked the hacker off,” he wrote. “Then my version of TeamViewer was removed automatically because it wasn’t compatible.”
As the upgrade started, the attacker’s connection to the victim’s computer was dropped. Once the upgrade to the new OS was completed, the TeamViewer software was removed entirely as it is reportedly incompatible with Windows 10.
In most of the alleged TeamViewer user breaches, the culprits reportedly access the victim’s machine to try and access financial accounts and empty the funds.
In this unique case, the much-criticized Windows 10 upgrade reminder interrupted a potentially disastrous incident for this particular user.
Since the reports of the breaches first surfaced, TeamViewer has acknowledged the incident but had initially blamed users for reusing passwords that were likely scooped up in a separate data dump. It then apologized for blaming users.
All TeamViewer users are urged to change their passwords to avoid falling prey to attack. They certainly shouldn’t rely on Windows 10 upgrades having their back, either.
After reports of attacks began, TeamViewer launched two new security features for trusted devices and an account-monitoring service. The services were intended to be launched later this year but were brought out earlier in light of recent events.
