Mac Hacked Through Teamviewer

 admin

A few days back, several users experienced, what must have seemed like a scene straight out of a horror flick, their PCs automatically opening several windows, browser tabs & mouse pointer swerving across the screen trying to log in to Paypal.

Teamviewer quicksupport mac

Well if you also experienced something similar to this, don’t panic, no spirit possessed your PC. Chances are you might be a TeamViewer user and one of the several affected ones due to widespread hacking of TeamViewer accounts.

Majority of the users reported few days ago but some users also claimed experiencing such an attack as far as six months back. But even after the numerous reports, TeamViewer was adamant on not admitting it got hacked and instead blamed user’s poor password choices. Anyway, we are not here to judged if TeamViewer was at fault or not, but what we are concerned about is the potential of such an attack. When an attacker has direct control over your PC he/she can do damage in umpteen, dangerous ways.

TeamViewer might look like the main culprit here but removing it is not viable or logical. A single person’s account can also be hacked and other alternatives are also not one hundred percent attack-proof. Moreover, TeamViewer is a necessity to many to provide remote tech support to their family without dealing with ports & IP addresses. So we will look at some of the general precautions you can take to shield yourself from the such attacks.

Through

Setting Master Password

Most of us have habit of storing passwords in our browsers. It is one of those habits where we choose convenience over safety. This habit will cost you, if you become victim of such attacks. An alternative is to use password manager (though they are also not immune to attacks), which is advisable, but if you absolutely don’t want to get out of your old habit, a master password gives one more layer of protection.

Chrome uses your Windows login password as master password, as default. For Firefox go to Settings > Security tab > Set Master Password, as shown above.

Oct 12, 2018  How to remotely access any PC using TeamViewer by Lance Whitney in Software on October 12, 2018, 12:04 PM PST TeamViewer is a handy program to remotely control any computer running Windows, MacOS. Jan 07, 2011  in general No doubt TeamViewer is one of the best, free remote access and remote desktop sharing software over internet. Let’s say your friend is facing some computer issues and she does not know much about computers. It’ll be really difficult for you to guide your friend over phone as mostly she’d not understand what to do and your phone bill would run high as well!for.

Setting up Secure Folder

This might sound non sequitur with the topic, but someone who has access to your computer can also go through your private stuff, copy it and distribute it. Setting up a password locked & encrypted folder, where you put all your sensitive files is a great way to thwart the intruder’s any such intentions.

If you are having a professional edition of Windows 8/8.1/10 you can use Bitlocker for the purpose while other users can choose from plenty of third party apps available. Some of the top ones of my head are AxCrpyt, Veracrypt & Symantec Endpoint Encryption.

Not Installing Remote Control Apps

Many popular remote apps, including TeamViewer, have an option to run the app instead of installing. So if you want to remote control for just one time it’s wise to just run the app. If you are not using any app and instead using RDP, then remember to disable RDP access after you are done.

Scanning for Malware

If you suspect something fishy has happened to your PC in your absence, a system wide anti-virus scan should be carried out. An intruder, if failed in finding anything useful, may install a keylogger or worse, ransomware. Even if Windows Defender gives a clean chit, which it does many times, a second scan should be done using some of the popular free anti-virus programs.

Checking Crucial Windows Settings

After scanning for malware & virus, next on the list should be important Windows settings. Check for any new Firewall rules, check for any unwanted apps by going to Control Panel > Uninstall a Program. If you want to achieve paranoid level checks, Regshot, for auditing registry & Windows built in file auditor are also there at your disposal.

Mac Hacked Through Teamviewer 10

Many of the users found out about unauthorized access through browser history, so it should be also checked as it can give vital clues as to what the intruder was trying to accomplish. Apart from this, any extensions and apps you don’t recognize should be removed.

Outside of the technical domain you should also go through your latest bank & credit card statements as well as Paypal, so you can promptly raise a refund claim for the Donald Trump life size cardboard standout.

Cool Tip: You can remotely control your PC as well as Mac remotely from your smartphone, learn the How-To.

Closing Thoughts: Be Really Safe

Teamviewer Mac Os X

Hackers & Intruders have really upped their game. Earlier it was limited to mass-leak of login credentials of a certain site, but now it is right at our PC. After this whole affair, TeamViewer did release a statement and introduced trusted devices, but again they did not accept any wrong doing on their part. The intention of this write-up was to guide users in the event such an attack. So if you have any comments and thoughts, please do share with us.

ALSO SEE:Guide To Remote Desktop Connection on Windows 10

Also See#remote access #remote control

Did You Know

Windows Hello is a biometric authentication feature in Windows 10.

More in Windows

5 Fixes for Microsoft Teams Microphone Not Working on Windows 10

Teamviewer Download Mac

Can’t Boot after uninstalling Teamviewer on Mac OS Catalina

12/4/2019

Ran into this problem on a few macs. The scenario is that you've uninstalled teamviewer on macOS catalina and now your mac won't boot. Instead it give you an error that reads: 'Unrecoverable Error. SecurityAgent was unable to create requested mechanism TeamViewerAuthPlugin:Start.
Basically it's a file that the OS is looking for to boot and it can't find it. Solution below:

UPDATE! 3/01/20
The simplest fix:
AuthDB Removal:
  • Start into macOS Recovery by holding down Cmd-R when booting before the chime until the apple logo.
  • Open Disk Utility -- found in the upper utility menu option.
  • Check the left source list for the name of your disk. For Macs running Catalina it is the Disk that does not end in '- Data'. It's usually 'Macintosh HD.'
  • Click to select the disk in the sidebar.
  • Click the 'Mount' button in the upper right. If you see the word 'unmount' skip this step.
  • Quit Disk Utility.
  • From the top menu bar click Utilities > Terminal.
  • Enter the command and hit return: rm '/Volumes/<your disk>/var/db/auth.db'
    • ​NOTE** There is a space after rm
    • NOTE** Replace <your disk> with the name of your hard disk from the earlier step.​ Eg. rm '/Volumes/Macintosh HD/var/db/auth.db'​
    • NOTE** once you enter the command hit return to submit the command.
    • NOTE** if the terminal returns down waiting for a new command, it's successful.
  • Restart.
  • ​If you receive an error review the steps carefully again, or call us for assistance.

OLD FIX - Replace the Plugin.
The Fix Option 1 - Target Disk Mode:
  • Requires a Thunderbolt cable to connect two macs together.
  • Get another mac that is not the broken one, duh.
  • Download the file you need to replace here.
  • Unzip the file.
  • Boot the broken mac to target disk mode by holding the T key during boot, until you see the thunderbolt Icon on the screen.
  • Connect both macs together via thunderbolt, the broken mac's hard drive will show up as an external HD.
  • In the Finder, from the root of the broken mac's hard drive navigate to: /Library/Security/SecurityAgentPlugins/
  • Paste in the file you downloaded above.
  • Restart the broken mac.
  • Done. Hooray.

The Fix Option 2 - USB Thumb Stick & Terminal Command:
  • Download the file you need to replace here.
  • Unzip the file.
  • Copy the file to a USB Thumb Drive.
  • Name the USB drive: fixit
  • Connect the USB to your broken mac.
  • Boot your broken Mac while holding Command+R until you see the Apple logo.
  • In the upper menu click utilities, then select terminal.
  • Type the following command and hit return: ls /Volumes/
  • This command lists the attached volumes. Make a note of the drive name for the internal hard drive.
  • Enter the terminal command and hit return: cp -r /Volumes/fixit/TeamViewerAuthPlugin.bundle /Volumes/Macintosh HD/Library/Security/SecurityAgentPlugins/
NOTE ** YOU MAY NEED TO REPLACE THE NAME OF 'MACINTOSH HD' IF YOUR HARD DRIVE NAME DIFFERS. ALSO, IF THERE ARE SPACES IN YOUR HARD DRIVE NAME, THE SPACE IS REPRESENTED AS A ' ' A BACKSLASH WITH A SPACE. EG. 'MY HARD DRIVE' IT WOULD BE REPRESENTED IN THE TERMINAL COMMAND AS 'MY HARD DRIVE'
  • Click the apple in the upper left and select restart.
  • Done. Hoory.

​You're welcome.
1/16/2020 03:19:38 pm

I tried your Option 2. After going to the terminal and entering Is /Volumes/ it just said file not found which seemed odd. So I entered the cp -r /Volumes/fixit/TeamViewerAuthPlugin.bundle /Volumes/Macintosh HD/Library/Security/SecurityAgentPlugins/ and restarted but got the same error. I'm getting 'the file I need' on another mac, saving it to a thumb drive, then using an adapter to connect it to the mini usb on my broken computer. Could this be a problem. Frustrated and perplexed.

2/10/2020 12:00:51 pm

I have the same problem

3/9/2020 11:15:57 am

Go with the updated steps, see above
'
UPDATE! 2/10/20
There is a simpler fix than the one detailed below. We'll lay it out here:
FIX - AuthDB Removal:
'
with the only remark that to boot into recovery, switch off your Mac, then press and hold keys [command] and [R] and switch on your Mac (keep the two keys pressed until the apple logo appears, the you can release them). The ret of the steps should be straight-forward.

1/20/2020 09:42:46 am

Agh, I cant even find the Terminal command.
Can you publish a picture where it should be.
I searched every drop down menu...

1/26/2020 07:15:46 am

Thank you !! It helped me

1/29/2020 06:55:18 am

I used option 1, many, many thanks this worked perfectly. How do I manage to uninstall Teamviewer permanantly? The reason beoing I have heard of some scams using it to hack into computers.

3/9/2020 09:39:29 am

I can’t do that :( can you help me please???

3/9/2020 11:17:41 am

Go with the updated steps, see above
'
UPDATE! 2/10/20
There is a simpler fix than the one detailed below. We'll lay it out here:
FIX - AuthDB Removal:
'
with the only remark that to boot into recovery, first switch off your Mac, then press and hold keys [command] and [R] and switch on your Mac (keep the two keys pressed until the apple logo appears, the you can release them). The rest of the steps should be straight-forward.

2/1/2020 05:21:59 am

Hey,
I have this message
How do I know it is ok?
I've tried to restart it but I still have the error :( I've tried so many times to type the code..

2/15/2020 07:14:50 pm

Thank you, thank you, thank you. I was pulling my hair out, but now all is well. I can’t thank you enough for the fix using the Terminal command.

2/17/2020 02:22:12 pm

Thanx so much! It worked for another lost file mkauthplugin:prelogin. My son unplugged a flight simulator joy stick?? and the message came up!

2/24/2020 02:04:07 am

I’ve tried command R and many other key combinations I’ve seen in online discussion groups. Nothing I do gets rid of the black screen and unrecoverable error message. I would love to try your solution but I can’t get into recovery mode. Any thoughts?

2/24/2020 10:44:42 am

Awesome it’s working

3/6/2020 06:38:30 am

The new solution
'
UPDATE! 2/10/20
FIX - AuthDB Removal:
'
worked like a charm right away. Kudos to you, brothers and/or sisters :)
PS: all this after a long session with Apple Support involving a 2nd-line 'senior advisor' who could only give me the standard incompetency-proving solution of 'wipe&reinstall macOS'... pff.

3/13/2020 10:37:35 pm

Hi i tried your updated fix posted below for the Teamviewer reboot error. I was successful up until the step to enter command: rm '/Volumes/<your disk>/var/db/auth.db'
I get “no such file or directory”.
I’ve verified name of my HD is the same: Macintosh HD.
Please help!
https://www.easymacsupport.com/blog/cant-boot-after-uninstalling-teamviewer-on-mac-os-catalina

3/26/2020 03:31:48 pm

I have excatly the same, how did
You fix it in the end?

3/27/2020 11:14:30 am

same 😥

3/27/2020 11:47:19 am

It is: rm(space) And then “/Volumes.... etc. And you need to leave a space in between Macintosh And HD also. And still use the “”

3/15/2020 12:28:55 pm

You saved my life. Option 1 worked also in High Sierra.

3/23/2020 02:30:54 am

Help! It doesn't work on my mac. I have always ' No such file or directory' answer .

3/23/2020 02:48:33 am

Ok, I get it! I've tried a few usb format and it's working :)

3/26/2020 03:21:27 pm

I have the same! How did you fixed
It????

3/28/2020 07:01:25 pm

Muchas Gracias!!! U save my life!!! Thx!!!
Just one comment: between rm and “ there is a space!!!

3/29/2020 10:52:34 am

This fucking teamviewer broke my macbook pro

4/3/2020 01:59:02 am

Thank you!! It worked with the disk name name as .../“Macintosh HD”/...

4/3/2020 02:09:35 am

I love you

4/6/2020 02:20:54 pm

The first one worked you just have to type it in correctly!
Thank you ,weight is off my shoulders!


Leave a Reply.