AnyDesk suffered a production system breach in February 2024 — private keys and source code were stolen. For MSPs responsible for client infrastructure security, this is unacceptable. ProxyLink uses WireGuard, is hosted in Germany, and has zero breach history.
AnyDesk confirmed attackers compromised their production systems — accessing private code signing keys and source code. They were forced to revoke all security certificates and passwords. MSPs using AnyDesk at the time of the breach were connecting to client systems through infrastructure that had been compromised. ProxyLink sessions relay through our EU-hosted server (Hetzner, Germany) — there is no third-party relay company in the path. For network devices — cameras, switches, PBX systems — there is no ProxyLink software on the device that an attacker could compromise.
| Feature | ProxyLink | AnyDesk |
|---|---|---|
| Breach history | ||
| EU-hosted infrastructure | ||
| Open-source protocol (WireGuard) | ||
| Proprietary codec / routing | DeskRT codec | |
| Agent required on target device | No (network devices) | Yes (all devices) |
| Browser RDP/VNC/SSH — no install | ||
| Reach cameras, PBX, NVR remotely | ||
| One tunnel = entire LAN | ||
| NIS2 audit log | ||
| MSP multi-tenant management | Limited | |
| Free tier available |
AnyDesk's DeskRT codec is closed-source. When their production systems were breached, attackers had access to the source code and could theoretically identify vulnerabilities that haven't been patched. You have no way to audit what's running between you and your client's machine.
WireGuard is a 4,000-line open-source protocol that has been independently audited multiple times. It's included in the Linux kernel. There is nothing to hide — the entire encryption implementation is public and peer-reviewed. Your tunnel's security rests on a public, audited protocol, not on a vendor's secret implementation.
By default, AnyDesk routes remote sessions through their own relay servers when a direct connection isn't possible. This means your client's screen content passes through AnyDesk infrastructure — infrastructure that was compromised in 2024.
RDP, VNC, and SSH sessions relay through a single ProxyLink server in Germany (Hetzner, Falkenstein) — no third-party remote-access relay network like AnyDesk's. WireGuard tunnel traffic connects directly to that EU endpoint; the web layer is fronted by Cloudflare's edge for TLS and WAF. One EU server you can name, on the open WireGuard protocol — not a global closed-source agent network.
Free during early access. WireGuard. EU-hosted. No breach history. No credit card.
Get free access →