How To Check AnyDesk Log History

A scam has emerged in which victims are asked to download an app on their mobile phones or other devices; by doing so, they end up losing money.

According to the victims, they received text messages advising them that they would be charged for a purchase on Amazon. The text provided a toll-free phone number to call to cancel the purchase. The victims, who had never made the purchase, called the number to cancel the charges. When they called, a subject posing as an Amazon employee connected them with someone posing as an Amazon fraud specialist. The supposed fraud specialist directed the victims to download the AnyDesk Remote app on their phones so that the specialist could help cancel the transactions. The AnyDesk Remote app gives the impersonator access to the victim’s mobile phone, including bank and other accounts stored on the device. Once access was granted through the app, the phishers stole various amounts of money from the victims.

Clear Remote Desktop Connection History

To remove the saved connection entries, you can use the Windows Registry, a free tool, or one of a few other methods:

  1. Use registry
  2. Run script to delete history
  3. Delete from Windows Credential Manager
  4. Delete Default.RDP file
  5. Use the free tool
  6. Remove from Mac
  7. Use FixIt

Ending the connection

We’ll show you how to get started and end a connection in AnyDesk, both of which only require a couple of quick steps. First, let’s see how you would connect your computer to a new device using AnyDesk.

  1. Open AnyDesk on your desktop.
  2. Ask your colleague or team member to submit their AnyDesk ID.
  3. Copy the ID.
  4. Paste it into the box under "Remote Desktop" in your main window.
  5. Wait for your request to be accepted.

Attack reconstruction from logs

Attackers often delete log data to cover their tracks, and this incident was no exception: the attackers manually deleted almost all log data about a month prior to the investigators’ discovery. However, further forensic investigation indicated that the initial compromise occurred nearly half a year before investigators opened their case. The method of entry was nothing spectacular: an open RDP port on a firewall that was configured to provide public access to a server.

For a while, it was a relatively quiet intrusion. The attackers had a stroke of luck: the account they used to break in via RDP was not only a local administrator on the server but also had domain administrator permissions, giving it the ability to create administrator-level user accounts on other servers and desktops.

Remote Desktop with Remote Management

Finally, it is possible to log in to a computer running macOS by enabling Remote Desktop.

Steps to enable as follows:
