Hackers are using a modified Salesforce app to trick employees and extort companies, Google says
Hackers are tricking employees at companies in Europe and the Americas into installing a modified version of a Salesforce-related app, allowing the hackers to steal reams of data, gain access to other corporate cloud services and extort those companies, Google said on Wednesday.
The hackers – tracked by the Google Threat Intelligence Group as UNC6040 – have 'proven particularly effective at tricking employees' into installing a modified version of Salesforce's Data Loader, a proprietary tool used to bulk import data into Salesforce environments, the researchers said.
The hackers use voice calls to trick employees into visiting a purported Salesforce connected app setup page to approve the unauthorized, modified version of the app, created by the hackers to emulate Data Loader.
If the employee installs the app, the hackers gain 'significant capabilities to access, query, and exfiltrate sensitive information directly from the compromised Salesforce customer environments,' the researchers said.
The access also frequently gives the hackers the ability to move throughout a customer's network, enabling attacks on other cloud services and internal corporate networks.
Technical infrastructure tied to the campaign shares characteristics with suspected ties to the broader and loosely organized ecosystem known as 'The Com,' known for small, disparate groups engaging in cybercriminal and sometimes violent activity, the researchers said.
A Google spokesperson told Reuters that roughly 20 organizations have been affected by the UNC6040 campaign, which has been observed over the past several months. A subset of those organizations had data successfully exfiltrated, the spokesperson said.
A Salesforce spokesperson told Reuters in an email that 'there's no indication the issue described stems from any vulnerability inherent in our platform.' The spokesperson said the voice calls used to trick employees 'are targeted social engineering scams designed to exploit gaps in individual users' cybersecurity awareness and best practices.'
The spokesperson declined to share the specific number of affected customers, but said that Salesforce was 'aware of only a small subset of affected customers,' and said it was 'not a widespread issue.'
Salesforce warned customers of voice phishing, or 'vishing,' attacks and of hackers abusing malicious, modified versions of Data Loader in a March 2025 blog post.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
27 minutes ago
- Yahoo
Russian attack on Ukraine's Kharkiv kills three, wounds 22, mayor says
KYIV (Reuters) -Russia attacked the eastern Ukrainian city of Kharkiv at night with drones, missiles and guided bombs, killing at least three people and injuring 22, including a one-and-a-half-month-old baby, the city mayor, Ihor Terekhov, said on Saturday. One of Ukraine's largest cities, Kharkiv is located just a few dozen kilometres from the Russian border and has been under constant Russian shelling during more than three years of war. "Kharkiv is currently experiencing the most powerful attack since the start of the full-scale war," Terekhov said on the Telegram messenger early on Saturday. Dozens of explosions were heard in the city through the night and Russian troops were striking simultaneously with missiles, drones and guided aerial bombs, he said. Multi-storey and private residential buildings, educational and infrastructure facilities were attacked, Terekhov noted. Photos by local authorities and Reuters showed burnt and partially destroyed houses and vehicles, and of rescuers carrying those injured to safety and removing debris. Kharkiv governor Oleh Syniehubov said that one of the city's civilian industrial facilities was attacked by 40 drones, one missile and four bombs, causing a fire, adding there may still be people under the rubble. The Ukrainian military said Russia launched 206 drones, 2 ballistic and 7 other missiles against Ukraine overnight. It said its air defence units shot down 87 drones while another 80 drones were lost - in reference to the Ukrainian military using electronic warfare to redirect them - or they were drone simulators that did not carry warheads. Ten locations were hit, the military said.
Yahoo
an hour ago
- Yahoo
Analysts unveil bold forecast for Alphabet stock despite ChatGPT threat
Analysts unveil bold forecast for Alphabet stock despite ChatGPT threat originally appeared on TheStreet. You typed in a question and clicked a few links, and Google could get paid if you landed on an ad. For years, that simple cycle helped turn Google into a trillion-dollar titan. But now, that model is under threat. 💵💰💰💵 AI-powered chatbots like OpenAI's ChatGPT are rapidly changing how people find answers. Instead of browsing through links, users are getting direct summaries on AI. These 'zero-click' searches quietly erode the economics that built the modern internet. The number of users is growing fast. OpenAI CEO Sam Altman said in April that ChatGPT already has 'something like 10% of the world" in terms of users, pegging the number closer to 800 million, Forbes reported. Even Google seems to know it. It's giving AI answers, called AI Overviews, right at the top of the page. "What's changing is not that fewer people are searching the that more and more the answers to Google are being answered right on Google's page. That AI box at the top of Google is now absorbing that content that would have gone to the original content creators," Cloudflare CEO Matthew Prince said in a CNBC interview. Alphabet () , Google's parent company, isn't showing any cracks just yet. In April, the company posted first-quarter revenue of $90.23 billion, topping Wall Street expectations. Earnings per share came in at $2.81, far above the forecasted $ the backbone of Google's business, brought in $66.89 billion, accounting for nearly three-quarters of total revenue. Its 'Search and other' segment rose almost 10% year over year, hitting $50.7 billion. Meanwhile, Google's own AI tools are starting to show traction. AI Overviews now has 1.5 billion users per month, up from 1 billion in October, the company said. So far, the numbers suggest that AI isn't cannibalizing Google's business yet. Bank of America remains bullish on Alphabet stock. The firm reiterated a buy rating and a price target of $200, which implies a potential 15% upside from current levels, according to a recent research report. The firm said in May, Google's global average daily web visits held steady at 2.7 billion, unchanged from the previous month and down 2% from a year earlier. ChatGPT, meanwhile, saw a 3% month-over-month increase to 182 million, marking a 105% jump the U.S., Google traffic slipped 2% year-over-year to 524 million daily visits, while ChatGPT surged 112% over the same period to 26 million. Although Google has highlighted the growing reach of its AI Overviews, analysts are uncertain whether it's translating into more traffic. 'So far, we are not seeing a lift in Google traffic from AI Overviews expansion, though we think the search experience is much improved,' the analysts wrote. The competition is real. Google's global search share also edged down in May, falling 8 basis points month-over-month and 123 basis points year-over-year to 89.6%, according to Statcounter. Still, Bank of America analysts remain optimistic on Alphabet stock. "While ChatGPT's traffic continues to grow rapidly, we think Google remains well-positioned given its scale, multi-product reach, data assets, and robust monetization infrastructure," the analysts said. "AI can expand overall search monetization by better understanding the intent behind complex and long-tail queries that were previously hard to monetize," they added. Morningstar's Malik Ahmed Khan echoed that sentiment, saying Alphabet's diverse revenue streams and global exposure should cushion any hits, even as regulatory and AI risks mount, according to a May research report. Alphabet stock closed at $174.92 on June 6. The stock is down 8% unveil bold forecast for Alphabet stock despite ChatGPT threat first appeared on TheStreet on Jun 6, 2025 This story was originally reported by TheStreet on Jun 6, 2025, where it first appeared. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Forbes
2 hours ago
- Forbes
Samsung Confirms Upgrade Choice—Galaxy Users Must Now Decide
This decision defines the future of your phone. Republished on June 7 with reports into Google's new decision for Android users. A timely warning from Samsung this week, which neatly sets out the biggest upgrade decision now facing Android users. As whispers start to spread suggesting a disconnect between Samsung and Google at the heart of Android, this is critical. We're talking AI and the new features and offerings now hitting phones and PCs at breakneck speed. This is where Galaxy has an advantage, Samsung says, 'in privacy-first, AI-powered experiences' which can 'protect you in the era of AI.' The question the Galaxy-maker asks in its latest post is the right one: 'This level of personalization' brought by AI 'can be incredibly helpful, but the more your phone knows, the more there is to protect. So, what's keeping all that personal data secure?' Samsung's answer is Knox. 'Every Galaxy device is protected from the chip up by a multi-layered approach, which includes on-device personalization, user-controlled cloud processing, and ecosystem-wide protection through Samsung Knox Matrix.' This is Samsung's secure ecosystem that is the closest replica to Apple's securely walled garden currently available on Android. 'At the core of this system is Samsung Knox Vault, Samsung's hardware-based solution for your most sensitive information.' Knox is not new and neither is the concept of hardware-enabled Galaxy data security. What is new is segmenting sensitive the latest AI-related data from the rest, and securing that alongside the more traditional PINs, passwords and credit card numbers. 'Location service metadata from your most personal photos,' Samsung says, 'could easily give away the exact location where the image was taken.' And there's not much data more sensitive than who did what, where and when. 'In the era of AI, personal information like your home address, face clustering ID, person ID, pet type, scene type and more need to be encrypted and stored in a safe location. These things aren't just files — they are deeply connected to your daily life.' It's unclear exactly what is being or will be segmented and how this plays into the various opt-ins that Samsung has added to distinguish between on-device and cloud AI, between what is only within your secure enclave and what is outside. But it's difficult not to read this push as a play against the latest announcements from Google and the cloud-based AI that will now run riot across sensitive data, including emails and even cloud data storage. Yes, there are always opt-outs, but it's all or nothing for users who want AI but are not yet worrying about privacy. 'As Galaxy AI becomes more useful,' Samsung says, 'it also becomes more personal — learning how you use your device and adapting to your needs… Knox Vault is more than a security feature, it's Galaxy's promise that no matter how advanced your devices become, or how much AI evolves, your privacy is secured.' Google, meanwhile, will not make this decision easy for Samsung user. No one is rolling out new smartphone AI innovations faster, and it will always overshadow what can be done if users take a privacy-centric, device-only approach. Per Android Police, the latest update is 'Google's Gemini replacing Google Assistant as the default AI assistant, taking on all digital assistance responsibilities as Assistant is phased out later this year. Gemini is gaining 'Scheduled Actions,' allowing users to automate recurring tasks and information delivery at specific times.' This is the stepping stone to so-called Agenctic AI on phones, where monitoring data and events and activities enables an agent to make decisions autonomously on a smartphone owner's behalf. This next step, with 'Scheduled Actions streamlining routines [and] offering personalized updates,' is just the start. As Mashable says, 'When combined with computer vision, which is what allows a model to 'see' a user's screen, we get the agentic AI everyone is so excited about… Agentic AI tools could order groceries online, browse and buy the best-reviewed espresso machine for you, or even research and book vacations. In fact, Google is already taking steps in this direction with its new AI shopping experience.' Allowing AI access to smartphones with all the data and insight they contain, pushed this to a level even beyond Windows's controversial Recall. It's decision time.
