TeamViewer

TeamViewer is available for Windows 10, 8, 7, Vista, XP, and 2000, Windows Home Server, Windows Server 2012, 2008, 2003, and 2000, Mac, Linux, Android, Windows Phone, iOS, and BlackBerry mobile devices.

TeamViewer has three built-in functionalities to let user access to remote computer. They are Remote Control, File Transfer and VPN (if driver is available). None of these functions have hidden mode and none let a remote user view or manage the host without being noticed (if that is monitored).

  • If required drivers are all installed (a remote user can install that too) an attacker can disable the screen and lock the keyboard to do things unseen (but not unnoticed).
  • Remote users can connect via the File Transfer function and install malware or change teamviewer files. Not unnoticed though. When the connection is established, a pop-up window appears on the host to show what files are viewed, copied or deleted.
  • If the TeamViewer VPN driver is installed and active on the host, a remote user can get in to the network using the host as a bridge. If network devices have default or weak passwords, attackers can change DNS addresses or forward all traffic to another network to receive and alter DNS requests. For example, to redirect traffic to a phishing website.