
Hackers abuse modified Salesforce app to steal data, extort companies, Google says
Hackers are tricking employees at companies in Europe and the Americas into installing a modified version of a Salesforce-related app, allowing the hackers to steal reams of data, gain access to other corporate cloud services and extort those companies, Google said on Wednesday.
The hackers – tracked by the Google Threat Intelligence Group as UNC6040 – have "proven particularly effective at tricking employees" into installing a modified version of Salesforce's Data Loader, a proprietary tool used to bulk import data into Salesforce environments, the researchers said.
The hackers use voice calls to trick employees into visiting a purported Salesforce connected app setup page to approve the unauthorized, modified version of the app, created by the hackers to emulate Data Loader.
If the employee installs the app, the hackers gain "significant capabilities to access, query, and exfiltrate sensitive information directly from the compromised Salesforce customer environments," the researchers said.
The access also frequently gives the hackers the ability to move throughout a customer's network, enabling attacks on other cloud services and internal corporate networks.
Technical infrastructure tied to the campaign shares characteristics with suspected ties to the broader and loosely organized ecosystem known as "The Com," known for small, disparate groups engaging in cybercriminal and sometimes violent activity, the researchers said.
A Google spokesperson did not share additional details about how many companies have been targeted as part of the campaign, which has been observed over the past several months.
A Salesforce spokesperson told Reuters in an email that "there's no indication the issue described stems from any vulnerability inherent in our platform." The spokesperson said the voice calls used to trick employees "are targeted social engineering scams designed to exploit gaps in individual users' cybersecurity awareness and best practices."
The spokesperson declined to share the specific number of affected customers, but said that Salesforce was "aware of only a small subset of affected customers," and said it was "not a widespread issue."