top of page
  • Clipeus

AnyDesk Credential Compromise

In the night of February 2, 2024, AnyDesk released an advisory confirming a compromise of the company's "production systems" without further specification other than indicating the event is not ransomware-related.

As the advisory mandates customers to reset their web application portal passwords, there is a potential that the event impacted credentials of my[.]anydesk[.]com web application users. However, there is reportedly no evidence of a compromise of end-user devices.

The event appears to have been discovered on January 29, when AnyDesk logged a change to their code signing certificates.

AnyDesk users may want to consider the following actions:

  • Reset the client portal password;

  • If the potentially compromised password was used across other platforms, reset those credentials as well;

  • Make sure to enable multi-factor authentication across accounts where the password was reused;

  • As a precautionary measure, revoke the AnyDesk session tokens.

AnyDesk's investigation is still ongoing. There may be developments during the next days or weeks.


Commenting has been turned off.

If you are interested in specifics or additional insights on the threats above or any other threat, please visit our dedicated service page or reach out to with your inquiry. We would be glad to assist you

bottom of page