back to article GoToMYPC attacked

Another remote access service is under attack, with Citrix's GoToMYPC running a system-wide password reset. It's keeping details of the nature of the breach under wraps for now, but it looks to Vulture South like someone's either bulk-testing passwords on leaked lists, or taking a shot at man-in-the-middle. From the GoToMYPC …

  1. Sebastian A

    So hot on the heels of that

    will be spammers sending mails pretending to be from GoToMyPC with fake password reset links.

    War, war never changes.

    1. Anonymous Coward
      Anonymous Coward

      Dear Mr Sebastian A...

      As you're Cyrix representative I reach out to you with our personnel security administration administrative process for persons. Once you provide me with the necessaried details I shall take all proper steps to making sure you're account is secured again.

      Please send me your full name and existing passwords. Also, to confirm you're customer status and to allow my to bonus you please give me all your credit card details. Finally and most important, so that I can secured you on all other sites that hackers may now want to sully please itemise below all other websites you use and your names and passwords their too.

      Yours truly,

      Mongo McMongo, CTO and EVP

      Citrix Systems Inc,

      Santa Clara, CA

      mongo12345@hotmail.ng

      1. Nifty

        Re: Dear Mr Sebastian A...

        Thankyou for that, I was having writers block.

        Mongo

    2. Big Ed

      Re: So hot on the heels of that

      Citrix was smart; no emails, just a notice of the issue with instructions on the login screen to press the forgot password link. Kudos to Citrix for their handling. They also have a second layer of security that requires another password on connection to the remote host with instructions to use a different PW.

      This attack was enabled because people use the same login credentials for multiple sites. Hacker was smart... only those with bad password hygiene should have been affected.

      Time for some bright bloke to create an irrefutable, low-cost biometric authentication scheme. And make a bazillion bucks.

      1. Anonymous Coward
        Anonymous Coward

        Re: So hot on the heels of that

        It's good that Citrix were smart enough to just to tell people "hey, we've had a problem, now go and try logging in just as you usually would and follow instructions there" rather than the usual "hey, we've been successful attacked by phishermen, click this link *NOW* to save your children, don't stop or think or check anywhere else click *NOW*" . The sad thing is that the industry standard is so firmly "do it crappily" that when the phishing mail arrives it won't excite suspicion anyway and those links will get clicked...

  2. Martijn Otto

    And that is why

    you should never use goto!

    1. herman Silver badge

      Re: And that is why

      Brilliant

    2. Ken Moorhouse Silver badge

      Re: you should never use goto!

      I hope you're not suggesting we should be using a service called DevOpsMyPC instead?

  3. moiety

    ..."very sophisticated password attack"...

    *sigh*

    Was half expecting ..."but very few users are effected as we keep our Internet in a locked cupboard".

  4. Ken Moorhouse Silver badge

    Two Factor Authentication Bypassed on Restore of Account

    One of my clients couldn't login to their account over the weekend and this turned out to be a "known issue". The "Forgot Password" was the solution according to Gotomypc - and this worked. Password security in that case was stipulated as minimum of Upper Case/Lower Case/Digits.

    I had a similar issue today elsewhere with GotoMyPc: this time Upper Case/Lower Case/Digit/Special Symbol was minimum accepted.

    When access to the account was restored it seems to have trashed the Two Factor Authentication (TFA) setup on that account.

    Why have TFA if at the slightest hint of problems it gets bypassed?

    I did ring their 0800 tech support number to ask about this, but not hanging around 25 mins (current wait time) to get a fabricated excuse.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019