When I finish servicing computers remotely I always disable TV from startup. All it takes next time to start it is just clicking on a shortcut by a user. Not to mention, that if you are the one giving support, you do not even need the service running. BTW: https://www.teamviewer.com/en/help/398-what-is-two-factor-authentication-for-your-teamviewer-account
Yes, I use it that way also. But some users use it access their (or someone else's) computer when unattended. For them this is a big problem. 2FA didn't help according to posts on Reddit. Nobody knows how this attack is conducted and Teamviewer is saying that there is nothing wrong...
"In the middle of my gaming session, I lose control of my mouse and the TeamViewer window pops up in the bottom right corner of my screen," wrote Nick Bradley, a practice leader inside IBM's Threat Research Group. "As soon as I realize what is happening, I kill the application. Then it dawns on me: I have other machines running TeamViewer!" He continued: I run downstairs where another computer is still up and running. Lo and behold, the TeamViewer window shows up. Before I am able to kill it, the attacker opens a browser window and attempts to go to a new web page. As soon as I reach the machine, I revoke control and close the app. I immediately go to the TeamViewer website and change my password while also enabling two-factor authentication. Lucky for me, those were the only two machines that were still powered on with TeamViewer installed. Also lucky for me is the fact that I was there when it occurred. Had I not been there to thwart the attack, who knows what would have been accomplished. Instead of discussing how I almost got hacked, I’d be talking about the serious implications of my personal data leak. Source: http://arstechnica.com/security/201...ng-hacked-in-bulk-and-we-still-dont-know-how/ https://securityintelligence.com/compromised-before-my-very-eyes-how-i-almost-got-hacked/
Keeping TV active all the time has always been insane and can be justified only due to laziness. TeamViewer is essentially a RAT just waiting to be compromised. The only really shocking thing with this story is that it comes as a surprise to some.
And add to this browser saved passwords for PayPal account and accident is bound to happen. This just shows that to many people convenience is still more important than security.
Chinese cyberspies breached TeamViewer in 2016 TeamViewer said it detected and stopped the attack before hackers could do any damage May 17, 2019 https://www.zdnet.com/article/chinese-cyberspies-breached-teamviewer-in-2016/