Threat actors are leveraging TeamViewer to gain initial access to the endpoints of organizations and attempt to deploy encryptors based on the leaked LockBit ransomware builder. Being one of the most popular remote access tools, used by enterprises from all over the world, TeamViewer is also cherished by scammers and ransomware actors, who use it to gain access to remote desktops to drop and execute malicious files unbothered.

Source: Heimdal Security Blog