Infected w/Amnesia Ransomware via TeamViewer. Support not answering or accepting ticket! Filed w/FBI

LML

I hoped to talk to someone at Teamviewer privately but after being on hold for almost 30 min the phone system gave me a message to hang up and go to the site. The site would not let me submit a ticket. So hear I am now in your community where everyone can see...

We downloaded a trial of TeamViewer onto a server on June 17, 2017. No other site was visited that day, before or after. No downloads have been done that day, before or after. There is no email activity.  We did not use TeamViewer other than seeing if it would work thatday. We failed to uninstall it from the server. My lead developer is a big Teamviewer fan and thought it fine to download and leave it on the server. Unfortunately - NOT.  

On July 6 2017 the server failed and we found the amnesia ransomware note and a huge amount of damage in the server. There was also a "trial ended" pop up on the server from TeamViewer.

What is TeamViewer doing to solve this issue and support those of us who had misdirected faith in your company?  I now see links even a year back that identify a ransomware-carried-by-teamviewer issue. I would think TeamViewer would have done something to protect users.

AxelSchmidt

Hi LML,

Thank you for posting in our community.

We are extremely sorry to hear your systems were infected with ransomware, and we strongly condemn any criminal activity.

One of the reasons why we encourage users to post in this community is because we strongly believe in open and transparent communications - so we welcome your post here. Even more so since we have nothing to hide: Currently, we have no evidence for a structural deficit of our software that is being abused in any ransomware campaigns.

There are some untrustworthy sources that offer TeamViewer downloads – yet you never know what precisely you download from these questionable sites. Therefore, we strongly recommend to download TeamViewer only through our official channels.

We are happy for you to post a response here if you would like, however to follow up your individual case, we would ask that you send us an email with as much information as you can provide to fraud@teamviewer.com where we have a team specifically set up to deal with this kind of activity.

Best regards,

Axel