AnyDesk

Last updated
AnyDesk
Developer(s) AnyDesk Software GmbH
Stable release(s) [±]
Windows 9.0.0 / 2 December 2024;3 days ago (2024-12-02) [1]
macOS 8.1.4 / 31 October 2024;35 days ago (2024-10-31) [2]
Android / Chrome OS 7.2.0 / 19 November 2024;16 days ago (2024-11-19) [3]
iOS 7.1.1 / 22 February 2024;9 months ago (2024-02-22) [4]
Linux 6.4.0 / 12 November 2024;23 days ago (2024-11-12) [5]
Raspberry Pi, discontinued6.3.0 / 10 August 2023;15 months ago (2023-08-10) [6]
Free BSD, discontinued6.1.1 / 15 April 2021;3 years ago (2021-04-15) [7]
Operating system Windows, macOS, Linux, Android, iOS, FreeBSD, Raspberry Pi
Type Remote desktop software, Remote administration, Remote support
License Proprietary software
Website anydesk.com

AnyDesk is a remote desktop application distributed by AnyDesk Software GmbH. The proprietary software program provides platform-independent remote access to personal computers and other devices running the host application. [8] It offers remote control, file transfer, and VPN functionality. AnyDesk is often used in technical support scams and other remote access scams. [9] [10] [11]

Contents

Company

AnyDesk Software GmbH was founded in 2014 in Stuttgart, Germany and now has subsidiaries in the US, China, and Hong Kong, as well as an Innovation Hub in Georgia. [12] [13]

In May 2018, AnyDesk secured 6.5 million euros of funding in a Series A round led by EQT Ventures. [14] [15] Another round of investment in January 2020 brought AnyDesk to over twenty million dollars of combined funding. [16]

Controversy

Since the 2022 Russian invasion of Ukraine and the implementation of international sanctions, AnyDesk has maintained its operations in Russia. Some critics suggest that this decision could weaken the impact of sanctions and raises questions about the company's approach to corporate responsibility during conflicts. [17]

Software

AnyDesk uses the proprietary video codec "DeskRT". It is designed to allow users high-quality video and sound reception, and keep the amount of data transmitted to a minimum. [14]

AnyDesk partnered with remote monitoring and management and mobile device management services, such as Atera Networks [18] and Microsoft Intune. [19]

Features

Availability of features is dependent upon the license of the individual user. Some main features include: [20]

Security

AnyDesk uses TLS 1.2 with authenticated encryption. Every connection between AnyDesk clients is secured with AES-256. When a direct network connection can be established, the session is endpoint encrypted and its data is not routed through AnyDesk servers. [21] Additionally, whitelisting of incoming connections is possible. [22]

Abuses

AnyDesk is one of many tools used in technical support scams and other remote access scams. [9] [10] [11] It can be optionally installed on computers and smartphones with full administrative permissions, if the user chooses to do so. [23] This provides the host user with full access to the guest computer over the Internet, and, like all remote desktop applications, is a severe security risk if connected to an untrusted host.

Mobile access fraud

In February 2019, Reserve Bank of India warned of an emerging digital banking fraud, explicitly mentioning AnyDesk as the attack channel. [24] The general scam procedure is as follows: fraudsters get victims to download AnyDesk from the Google Play Store on their mobile phone, usually by mimicking the customer service of legitimate companies. Then, the scammers convince the victim to provide the nine-digit access code and to grant certain permissions. [25] After permissions are obtained and if no other security measures are in place, the scammers usually transfer money using the Indian Unified Payment Interface. [26] A similar scam took place in 2020, according to Kashmir Cyber police. [27] The same method of theft is widely used internationally on either mobile phones or computers: a phone call convinces a person to allow connection to their device, typically from a caller claiming to be a service provider to "solve problems with the computer/phone", warning that Internet service will otherwise be disconnected, or from a caller claiming to be a financial institution because "there have been suspicious withdrawal attempts from your account".

Bundling with ransomware

In May 2018, the Japanese cybersecurity firm Trend Micro discovered that cybercriminals bundled a new ransomware variant with AnyDesk, possibly as an evasion tactic masking the true purpose of the ransomware while it performs its encryption routine. [28] [29]

Technical support scams

Scammers use AnyDesk and similar remote desktop software to obtain full access to the victims' computer by impersonating a technical support person. [30] [31] [32] The victim is asked to download and install AnyDesk and provide the attackers with access. When access is obtained, the attackers can control the computer and move personal files and sensitive data.

In 2017, the UK based ISP TalkTalk banned TeamViewer and similar software from all its networks after scammers cold called victims and talked them into giving access to their computer. The software was removed from the blacklist after setting up a scam warning. [33] In September 2021, the State Bank of India warned customers not to install AnyDesk or similar apps. [34] In March 2022, the Federal Bureau of Investigation issued a cybersecurity advisory noting that AnyDesk software was used in the operations of the AvosLocker ransomware gang. [35]

In 2023, AnyDesk announced the establishment of an "Anti-Fraud Task Force" in partnership with a number of prominent scam baiters in an initiative to combat technical support scams and abuse of remote-access software. The task force included Jim Browning, Kitboga and Scammer Payback. [36]

See also

Related Research Articles

Scam baiting is a form of internet vigilantism primarily used towards advance-fee fraud, IRS impersonation scams, technical support scams, pension scams, and consumer financial fraud.

<span class="mw-page-title-main">Technical support</span> Maintenance service of electronic consumers

Technical support, commonly shortened as tech support, is a customer service provided to customers to resolve issues, commonly with consumer electronics. This is commonly provided via call centers, online chat and email. Many companies provide discussion boards for users to provide support to other users, decreasing load and cost on these companies.

<span class="mw-page-title-main">Scareware</span> Malware designed to elicit fear, shock, or anxiety

Scareware is a form of malware which uses social engineering to cause shock, anxiety, or the perception of a threat in order to manipulate users into buying unwanted software. Scareware is part of a class of malicious software that includes rogue security software, ransomware and other scam software that tricks users into believing their computer is infected with a virus, then suggests that they download and pay for fake antivirus software to remove it. Usually the virus is fictional and the software is non-functional or malware itself. According to the Anti-Phishing Working Group, the number of scareware packages in circulation rose from 2,850 to 9,287 in the second half of 2008. In the first half of 2009, the APWG identified a 585% increase in scareware programs.

Ransomware is a type of malware that permanently blocks access to the victim's personal data unless a "ransom" is paid. While some simple ransomware may lock the system without damaging any files, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem, and difficult-to-trace digital currencies such as paysafecard or Bitcoin and other cryptocurrencies are used for the ransoms, making tracing and prosecuting the perpetrators difficult.

This is a comparison of voice over IP (VoIP) software used to conduct telephone-like voice conversations across Internet Protocol (IP) based networks. For residential markets, voice over IP phone service is often cheaper than traditional public switched telephone network (PSTN) service and can remove geographic restrictions to telephone numbers, e.g., have a PSTN phone number in a New York area code ring in Tokyo.

Voice phishing, or vishing, is the use of telephony to conduct phishing attacks.

Telemarketing fraud is fraudulent selling conducted over the telephone. The term is also used for telephone fraud not involving selling.

In computing, the term remote desktop refers to a software- or operating system feature that allows a personal computer's desktop environment to be run remotely from one system, while being displayed on a separate client device. Remote desktop applications have varying features. Some allow attaching to an existing user's session and "remote controlling", either displaying the remote control session or blanking the screen. Taking over a desktop remotely is a form of remote administration.

Remote Desktop Services (RDS), known as Terminal Services in Windows Server 2008 and earlier, is one of the components of Microsoft Windows that allow a user to initiate and control an interactive session on a remote computer or virtual machine over a network connection. RDS was first released in 1998 as Terminal Server in Windows NT 4.0 Terminal Server Edition, a stand-alone edition of Windows NT 4.0 Server that allowed users to log in remotely. Starting with Windows 2000, it was integrated under the name of Terminal Services as an optional component in the server editions of the Windows NT family of operating systems, receiving updates and improvements with each version of Windows. Terminal Services were then renamed to Remote Desktop Services with Windows Server 2008 R2 in 2009.

<span class="mw-page-title-main">TeamViewer</span> Remote administration and web conferencing software

TeamViewer is a remote access and remote control computer software, allowing maintenance of computers and other devices. It was first released in 2005, and its functionality has expanded step by step. TeamViewer is proprietary software that requires registration and is free of charge for non-commercial use. It has been installed on more than two billion devices. TeamViewer is the core product of developing company TeamViewer SE.

ConnectWise ScreenConnect, previously ConnectWise Control, is a self-hosted remote desktop software application. It was originally developed by Elsinore Technologies in 2008 under the name ScreenConnect, and is now owned by ConnectWise Inc.

<span class="mw-page-title-main">Ammyy</span>


Ammyy was a company which created the remote desktop software called Ammyy Admin. It was often used by scammers who cold-call homes to try to gain access to their computer.

<span class="mw-page-title-main">Technical support scam</span> Type of fraud and confidence trick

A technical support scam, or tech support scam, is a type of scam in which a scammer claims to offer a legitimate technical support service. Victims contact scammers in a variety of ways, often through fake pop-ups resembling error messages or via fake "help lines" advertised on websites owned by the scammers. Technical support scammers use social engineering and a variety of confidence tricks to persuade their victim of the presence of problems on their computer or mobile device, such as a malware infection, when there are no issues with the victim's device. The scammer will then persuade the victim to pay to fix the fictitious "problems" that they claim to have found. Payment is made to the scammer via gift cards or cryptocurrency, which are hard to trace and have few consumer protections in place. Technical support scams have occurred as early as 2008. A 2017 study of technical support scams found that of the IPs that could be geolocated, 85% could be traced to locations in India, 7% to locations in the United States and 3% to locations in Costa Rica. Research into tech support scams suggests that millennials and those in generation Z have the highest exposure to such scams; however, senior citizens are more likely to fall for these scams and lose money to them. Technical support scams were named by Norton as the top phishing threat to consumers in October 2021; Microsoft found that 60% of consumers who took part in a survey had been exposed to a technical support scam within the previous twelve months. Responses to technical support scams include lawsuits brought against companies responsible for running fraudulent call centres and scam baiting.

A SIM swap scam is a type of account takeover fraud that generally targets a weakness in two-factor authentication and two-step verification in which the second factor or step is a text message (SMS) or call placed to a mobile telephone.

<span class="mw-page-title-main">Kitboga (streamer)</span> American YouTuber, Twitch streamer, and scambaiter

Kitboga is the Internet alias of an American Twitch streamer and YouTuber whose content primarily focuses on scam baiting against phone fraud. His channel has over one million followers on Twitch, and his YouTube channel has over three million subscribers.

<span class="mw-page-title-main">Jim Browning (YouTuber)</span> Northern Irish YouTube personality and scam baiter

Jim Browning is the Internet alias of a software engineer and YouTuber from Northern Ireland whose content focuses on scam baiting and investigating call centres engaging in fraudulent activities. Browning cooperates with other YouTubers and law enforcement when they seek his expertise in investigating and infiltrating scam call centers. Browning has published several journalistic exposé videos highlighting the results of his investigations.

An overpayment scam, also known as a refund scam, is a type of confidence trick designed to prey upon victims' good faith. In the most basic form, an overpayment scam consists of a scammer claiming, falsely, to have sent a victim an excess amount of money. The scammer then attempts to convince the victim to return the difference between the sent amount and the intended amount. This scam can take a number of forms, including check overpayment scams and online refund scams.

Supremo is a remote desktop software that allows access to remote computers, servers and other devices. It was first released in 2013 by Nanosystems S.r.l.

RustDesk is a remote access and remote control software, primarily written in Rust, that enables remote maintenance of computers and other devices. The RustDesk client runs on operating systems such as Microsoft Windows, Apple MacOS, Apple iOS, Android and common Linux distributions. RustDesk has the aspiration to be an open-source alternative to remote desktop software such as TeamViewer or AnyDesk. As a result, RustDesk can function without relying on additional tools such as VPNs or port forwarding, even behind firewalls or NATs.

Scammer Payback, also known by his nickname "Pierogi", is an American YouTuber and streamer, who specializes in creating content about scam baiting against phone scams and Internet scams. He works against a variety of scams over the phone, such as technical support scams, refund scams, social security scams, and IRS impersonation scams.

References

  1. "Changelog for Windows". AnyDesk. Retrieved 2024-12-03.
  2. "Changelog for macOS". AnyDesk. Retrieved 2024-12-03.
  3. "AnyDesk Remote Desktop". Google Play. Retrieved 2024-11-23.
  4. "AnyDesk Remote Desktop". App Store. Retrieved 2024-12-03.
  5. "Changelog for Linux". AnyDesk. Retrieved 2024-12-03.
  6. "Changelog for Raspberry Pi". AnyDesk. Retrieved 2024-12-03.
  7. "Changelog for FreeBSD". AnyDesk. Retrieved 2024-12-03.
  8. "Innovative and Reliable: Our Features". AnyDesk. Retrieved 2020-05-25.
  9. 1 2 Aussies have lost over AU$7 million to remote access scams already this year
  10. 1 2 Scammers drain bank accounts using AnyDesk and SIM-swapping
  11. 1 2 Singh, Shelley. "AnyDesk: Fraud is only possible if user grants access: Oldrich Müller, COO, AnyDesk". The Economic Times. Retrieved 2022-05-05.
  12. "AnyDesk verspricht PC-Fernsteuerung in Echtzeit". deutsche-startups.de (in German). 16 July 2014. Retrieved 2018-08-21.
  13. "AnyDesk press release about innovation hub in Georgia". AnyDesk. 2022-04-07. Retrieved 2022-10-12.
  14. 1 2 "AnyDesk scores €6.5M for its remote desktop software – TechCrunch". techcrunch.com. 15 May 2018. Retrieved 2018-06-15.
  15. "EQT Ventures' investment in AnyDesk". eqtventures.com. Archived from the original on 2018-08-22. Retrieved 2018-08-22.
  16. "Global Software Innovator, AnyDesk, Launches Expansion with Leading Growth Equity Investor, Insight Partners | News & Press". Insight Partners. 2020-01-22. Retrieved 2020-05-25.
  17. "Major German brands still active in Russia despite sanctions, military support for Ukraine". www.aa.com.tr. Retrieved 2024-12-05.
  18. Official website of Atera
  19. Integration Partners, AnyDesk official website
    Atera and AnyDesk – Where the Hassle Ends and Simplicity Starts, AnyDesk official blog
  20. "Category:Features - AnyDesk Help Center". support.anydesk.com. Archived from the original on 2018-06-27. Retrieved 2020-05-25.
  21. "Security - AnyDesk Help Center". support.anydesk.de. Archived from the original on 2018-08-22. Retrieved 2018-08-21.
  22. "Access and Session Requests - AnyDesk Help Center". AnyDesk Help Center. Archived from the original on 2019-07-30. Retrieved 2018-08-22.
  23. "Administrator Privileges and Elevation (UAC) - AnyDesk Help Center". support.anydesk.com. Archived from the original on 2019-07-30. Retrieved 2019-07-30.
  24. KVN, Rohit (2019-02-18). "RBI malware warning: Refrain from installing 'AnyDesk' mobile app or else risk losing bank balance". International Business Times, India Edition. Retrieved 2019-02-19.
  25. "RBI AnyDesk Warning: This app can steal all money from your bank account, never download". Zee Business. 2019-02-17. Retrieved 2019-02-19.
  26. "RBI Cautions Against Fraudulent Transactions On UPI Platform". BloombergQuint. 16 February 2019. Retrieved 2019-02-19.
  27. "Cyber Police Kashmir unearths 'AnyDesk' online fraud". www.daijiworld.com. Retrieved 2021-02-25.
  28. "Legitimate Application AnyDesk Bundled with New Ransomware Variant - TrendLabs Security Intelligence Blog". 2018-05-01. Retrieved 2018-08-28.
  29. "WanaCrypt Ransomware – 202 N Van Buren Rd Ste E Eden, NC 27288". www.microsupportsystems.com. Archived from the original on 2019-11-01. Retrieved 2018-08-28.
  30. "As social engineering activities increase buyer beware of tech support scams". Verizon Enterprise Solutions. Archived from the original on 2017-12-01. Retrieved 2018-08-28.
  31. "How to avoid being a tech support scam victim | thinkbroadband". www.thinkbroadband.com. Retrieved 2018-08-28.
  32. "02085258899 - tech support scam (using anydesk.com, teamviewer.com and supremofree.com)". blog.dynamoo.com. Retrieved 2018-08-28.
  33. "ISP customer data breach could turn into supercharged tech support scams". Naked Security. 2017-03-20. Retrieved 2018-08-06.
  34. "SBI customers beware! Avoid installing these 4 apps on your phone". Hindustan Times. 2021-09-07. Retrieved 2022-05-07.
  35. FBI (17 March 2022). "Indicators of Compromise Associated with AvosLocker Ransomeware" (PDF). FBI Internet Crime Complaint Center. Retrieved 7 May 2022.
  36. AnyDesk (2023-05-16). "AnyDesk Fights Back Against Fraud". AnyDesk Blog. Retrieved 2023-05-31.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.