If I were to connect to a infected computer via teamviewer, can I get infected? If so how do I protect myself?
Can you get infected through teamviewer?
- Thread starter LukeNukesEm
- Start date
- Jun 23, 2015
- 198
if you share the files between two computers infected yes, but normal remotely no.
Yes, you can definitely be infected if you are connected to an infected system via TeamViewer, however in 99.9% of scenarios it would require user-intervention (e.g. you might accidentally send an infected file over to your host system without acknowledging it was really infected and then execute it, resulting in the infection of your system).
In more deep, sophisticated cases, the malware may have compatibility for abuse of TeamViewer/other desktop remote clients, and may automatically send you a file - even in this scenario, you as the user should have to provide user-intervention to accept the file submission, and obviously you would know that you did not send it to your host therefore you would decline the request.
In a very rare situation, maybe 1% out of millions, it is possible that TeamViewer could be exploited with a zero-day vulnerability to allow an attacker to gain access to your system without your consent. As we all know, there is functionality within TeamViewer to switch who has control/whose system is being controlled, and therefore this feature could potentially be a target for exploitation to perform the action simultaneously without any alert confirmation being shown - that being said, I only mentioned this because everything can be exploited one way or another (if it's made by humans then it cannot be perfect because none of us are perfect, but only close to perfection), therefore it's not impossible for it to happen.
Now I've said this, I would like to point out that I've actually never heard of a scenario where malware has automatically exploited TeamViewer to gain access to the host system of the person controlling the infected system, it really would be a rare case...
As long as you don't send any files from the infected machine to your host system (and then run the infected files), you should be fine - many people here especially have used TeamViewer to connect to friends/family members systems to help them clean it (e.g. if they live abroad), and many others off this forum... And they have always been fine.
Hope this helped & stay safe,
Wave.
In more deep, sophisticated cases, the malware may have compatibility for abuse of TeamViewer/other desktop remote clients, and may automatically send you a file - even in this scenario, you as the user should have to provide user-intervention to accept the file submission, and obviously you would know that you did not send it to your host therefore you would decline the request.
In a very rare situation, maybe 1% out of millions, it is possible that TeamViewer could be exploited with a zero-day vulnerability to allow an attacker to gain access to your system without your consent. As we all know, there is functionality within TeamViewer to switch who has control/whose system is being controlled, and therefore this feature could potentially be a target for exploitation to perform the action simultaneously without any alert confirmation being shown - that being said, I only mentioned this because everything can be exploited one way or another (if it's made by humans then it cannot be perfect because none of us are perfect, but only close to perfection), therefore it's not impossible for it to happen.
Now I've said this, I would like to point out that I've actually never heard of a scenario where malware has automatically exploited TeamViewer to gain access to the host system of the person controlling the infected system, it really would be a rare case...
As long as you don't send any files from the infected machine to your host system (and then run the infected files), you should be fine - many people here especially have used TeamViewer to connect to friends/family members systems to help them clean it (e.g. if they live abroad), and many others off this forum... And they have always been fine.
Hope this helped & stay safe,
Wave.
- Jul 3, 2015
- 8,153
however, if you set up TeamViewer to run automatically on your system, and it is set to receive incoming connections, so that you or someone else can remotely initiate a session, this has resulted in a lot of infections.
- Aug 2, 2015
- 4,286
Best practices when using Teamviewer is to download a fresh copy every time,
use it without installing, then delete the software off of your system after use.
There have been instances of T.V. starting (launching) of its own accord, and other
security risks as well as cross infection. It is a good tool in its field if it is handled
correctly, but it needs to be handled with a weary eye.
use it without installing, then delete the software off of your system after use.
There have been instances of T.V. starting (launching) of its own accord, and other
security risks as well as cross infection. It is a good tool in its field if it is handled
correctly, but it needs to be handled with a weary eye.
What steps do I take to protect myself from this? Thanks in advance!
- Jul 3, 2015
- 8,153
best advice is from @_CyberGhosT_
barring that, just turn off that automatic remote access setting, I don't remember exactly what it is called. Remove TV from startup. There will still be a service that runs, but that is not the major risk.
@_CyberGhosT_ : how to use it without installing it?
I know you didn't tag me to ask the question but hopefully you won't mind me answering it for you (nor @_CyberGhosT_); you can use TeamViewer without installing it by choosing to run it without installation from the installer executable.
When you download TeamViewer and run the installation you'll be presented with two options: one of them will allow you to run it like a Portable app for that session, the other will be for installation of the product on the system. Therefore, you can only download and run it for portable use when it's needed and then delete the installer afterwards so it cannot be used without you re-downloading it for portable usage.
- Jul 3, 2015
- 8,153
thanks, @WaveI know you didn't tag me to ask the question but hopefully you won't mind me answering it for you (nor @_CyberGhosT_); you can use TeamViewer without installing it by choosing to run it without installation from the installer executable.
When you download TeamViewer and run the installation you'll be presented with two options: one of them will allow you to run it like a Portable app for that session, the other will be for installation of the product on the system. Therefore, you can only download and run it for portable use when it's needed and then delete the installer afterwards so it cannot be used without you re-downloading it for portable usage.
- Mar 15, 2011
- 13,070
Yes and No:
Yes since the possible of infection may detect networking components which can jump viruses unto your system. Ransomware as an example is not just a simple threat but huge issues when your important files are automatically thrashed whether local or not.
Consider the fact that you are connecting in a Remote Server hence transmission of connection is highly critical, also vulnerabilities may expose like Remote Code Execution.
No, by default you cannot easily infected regardless on the system you connected, cause any transmission will occur once the user drag or allow some operations to do that.
Teamviewer does not contain any options that will turn the user in risk stage once connected to a possible infected system.
Actual example: My classmate did connect to a ransomware friend''s system (via Teamviewer) in order to diagnose the problem, fortunately no transmission of infection occurred on the time of session.
Yes since the possible of infection may detect networking components which can jump viruses unto your system. Ransomware as an example is not just a simple threat but huge issues when your important files are automatically thrashed whether local or not.
Consider the fact that you are connecting in a Remote Server hence transmission of connection is highly critical, also vulnerabilities may expose like Remote Code Execution.
No, by default you cannot easily infected regardless on the system you connected, cause any transmission will occur once the user drag or allow some operations to do that.
Teamviewer does not contain any options that will turn the user in risk stage once connected to a possible infected system.
Actual example: My classmate did connect to a ransomware friend''s system (via Teamviewer) in order to diagnose the problem, fortunately no transmission of infection occurred on the time of session.
- Feb 11, 2017
- 264
Nice Info.
Think best is don't set it to automatic connection.. but oh well, in times of "urgency", people will do anything for ease over security.
