Posted July 6, 2023
Observability tools are a must for many of us in the software development industry to efficiently debug infras...
AnyDesk
AnyDesk is a remote desktop application that enables quick, secure connections across a range of devices. The software is widely used by businesses for legitimate purposes such as support, file transfer and real-time collaboration. However, threat actors frequently exploit it to gain unauthorized access to personal or financial data by tricking victims into installing the software.
In December 2024, two separate campaigns documented by security vendors illustrated how threat actors continue to leverage AnyDesk for illicit activities. In the first campaign, an attacker posed as a known client during a Microsoft Teams call, convincing the victim to install AnyDesk, which facilitated the deployment of DarkGate malware. In the second campaign, threat actors capitalized on the previously patched CVE-2023-48788 vulnerability in a FortiClient endpoint management system (EMS) for initial access. After using a ScreenConnect executable file to gain remote access, they installed AnyDesk as a means of securing persistence on the compromised system. Furthermore, the Computer Emergency Response Team of Ukraine (CERT-UA) issued an alert Jan. 17, 2025, about ongoing fraudulent attempts by unidentified threat actors to impersonate the agency through AnyDesk connection requests.
The underground market is rife with offers from initial access brokers (IABs) of unauthorized network access via AnyDesk and other RMM tools plus PSA software. For instance, in December 2024, an actor known as Pirat-Networks offered AnyDesk account credentials with local domain administrator privileges to a U.S. vehicle tire vendor. Additionally, AnyDesk featured in ransomware activity by the Mad Liberator, Medusa, Rhysida and Cactus ransomware gangs.
Artifacts observed
Running the installer creates several configuration files in the “%AppData%” directory and a dynamic-link library (DLL) file in the “%temp%” folder.
C:\Users\%userprofile%\AppData\Roaming\AnyDesk\user.conf
C:\Users\%userprofile%\AppData\Roaming\AnyDesk\system.conf
C:\Users\%userprofile%\AppData\Roaming\AnyDesk\service.conf
C:\Users\%userprofile%\AppData\Local\Temp\gcapi.dll
Installing AnyDesk also results in the creation of a folder in the “%ProgramData%” directory to host the configuration files initially in the “%AppData%” directory. This folder is:
C:\ProgramData\AnyDesk\
DNS requests
One of the best opportunities for detection is monitoring domain name system (DNS) requests for the anydesk.com domain. In our tests, DNS resolutions to the following domains were observed:
boot.net.anydesk.com
relay-8bd65c3e.net.anydesk.com
To increase the opportunities of early detection, we recommend to monitor or block DNS requests that aim to resolve to the *.anydesk.com domain if possible.
Also Read: How To Take Screenshots on Windows and Mac
In order to handle with PSA software and RMM, different payment methods and guarantee secure transactions, payment processing capabilities are essential.
Think about the following:
• Does the software accept a variety of payment methods, including digital wallets, bank transfers, debit cards, and credit cards?
•Is the integration with well-known payment gateways seamless?
Analytics and Real-Time Reporting
Gaining insight into your financial operations requires having access to real-time reporting and analytics.
Examine these aspects:
• Do visual dashboards offer instant insights into payment trends, aging reports, and receivables?
•Can you provide detailed reports on client behaviour, payment history, and overdue invoices?
Also Read: How to Check System Uptime on Windows
• It gives all team members a single source of truth so they can understand what impacts the bottom line.
•A financial integration improves business control and visibility.
It is a centralized information hub where the entire team may access real-time data.
• The impact of fact-based decision-making is more beneficial to the organization since it increases the agility and transparency of business operations by basing integration decisions on real-time facts rather than intuition.
Important Features
Let's take a closer look at selecting the best PSA software and RMM tools for your company now that you understand what PSA is and how its integration can benefit the firm on a large scale. Before you make a final decision, we will present you with the features to consider.
Integrations
CRM Integration
There are numerous advantages to having a PSA system that is closely integrated with the CRM system. In addition to providing greater visibility into the active projects, this close-knit integration automates the quote to cash process and more. Although you should always get customer references to verify the strength of the PSA and CRM integration, it is crucial to clarify the best site for first-time integration since it makes the implementation process difficult.
Also Read: What is SHA256 Encryption: How it Works and Applications
The next steps are to get in touch with the vendors you have shortlisted by email, chatbot, or social media to better understand their offerings and initiate a conversation. Take screenshots of the RMM tools and PSA software solutions to get a sense of their features and impact. Speak with the solution experts to learn about the product's limitations and any extra expenses resulting from customisation or other needs.
Inquiries to make during a demonstration session:
• Could you demonstrate the use of this function for me?
• Is there another way to complete this?
• How can the solution help me with this?
• What features does the mobile app offer?
•Do you provide services to other clients in my industry?
•Are you able to provide customized testimonials?
Obtain unwavering support
Discuss your vendor analysis and solution comparison with all the stakeholders, including the CFO, finance director, AR manager, and other executives. Participate in the demo calls and other high-level conversations with the staff members. Create a shortlist of one or two vendors to work with based on your interactions with them and the ratings you gave their products and services.
These five steps might assist you in selecting the best accounts that are available for collection for your business.
Also Read: How To Take Screenshots on Windows and Mac
Accessibility on the go
You may manage accounts remotely thanks to RMM tools and PSA software.
Pose the following queries:
• Is it possible to access and manage accounts that are retrieved from mobile devices using a mobile app?
•Does the responsive design of the software function consistently across desktop and mobile devices?
Scalability
Features that ensure scalability make sure the software can expand with your business.
Consider these aspects:
• Does the software have features that can grow with your company to meet new needs and handle increasing transaction volumes?
Customer Service
Reliable customer service is essential for answering any questions or concerns you may have.
Consider the following:
• Is customer service available 24/7 to help with any questions or concerns?
• Is there a knowledge base, training materials, and tutorials available for effective software use?
Also Read: What is SHA256 Encryption: How it Works and Applications