teamviewer.com link icon
or
Ask The Community

Do you want to enjoy the new TeamViewer user interface for Windows?


Download the new version and let us know what you think about it! 👉 Please click here 👈

Unauthorized Remote Access...from TeamViewer?

Good morning, I happened to be up early this morning and watched as my computer woke up and started logging in to my banking websites (saved browser passwords are a curse). As soon as I touched the mouse, the session disconnected (shocking). I haven't gotten any "authorize computer" emails that weren't mine. I have since changed my password and activated 2FA. I do not (and have not) have easy access on.

I looked in the TeamViewer logs and saw this at the correct time:

2021/04/21 05:43:33.961 4448 4944 S0  CommandHandlerRouting[4]::CreatePassiveSession(): incoming session via CA-MON-IBM-R006.teamviewer.com, protocol Tcp

2021/04/21 05:43:34.081 4448 4944 S0  CTcpConnectionBase[8]::ConnectEndpoint(): Connecting to endpoint 169.54.104.73:5938

That IP appears to be owned by Teamviewer.

If this is actually legitimate Teamviewer usage, then there is NO reason to be opening my browser and accessing ANYTHING. If it isn't, that's another matter, but I'd like to think I've protected my Teamviewer account decently.

Comments