Ammyy
| Primary URL | Location | Industry | ammyy[.]com |
Country
Russia
|
Technology
|
|---|
Profile
Ammyy, also known under the alias Ammyy, develops and distributes remote administration software primarily for Windows operating systems. Its flagship product, Ammyy Admin, enables users to establish remote desktop connections, transfer files, and collaborate across networks without requiring complex configuration. The software is offered in both a free version and a licensed commercial edition, catering to different user needs. Typical use cases include IT support, remote system administration, and access to workstations from off‑site locations. The tool is marketed to individual users, small businesses, and larger enterprises seeking a lightweight remote access solution.
While the organisation does not publish explicit figures on its size or user base, security reports have noted that Ammyy Admin enjoyed broad adoption prior to the incidents described. This widespread distribution made the software an attractive vector for attackers seeking to reach many systems through legitimate installers. In the 2015 incident, the free version of the tool was bundled with Buhtrap malware, indicating that the installer reached a large number of users. Similarly, the 2018 compromise of the official website allowed malware‑infected versions to be downloaded by visitors over a two‑day window. The reliance on a single download channel amplified the impact of these supply‑chain attacks.
A distinguishing attribute of Ammyy is its focus on delivering a simple, lightweight remote administration client that avoids heavyweight dependencies. The software’s code signing practices have been highlighted in security analyses, particularly when a revoked digital certificate was associated with the Buhtrap campaign. The organisation’s headquarters are located in Russia, as indicated in the provided context. No explicit information about parent companies, subsidiaries, or ownership structure is available in the source material. Consequently, the profile is limited to the confirmed facts about the product’s function, its noted adoption, and the security events that have affected it.