Google warns hackers stealing Salesforce data from companies
The piracy group impersonates the IT employees to storm the Salesforce tools for companies, using the arrival of data theft and extortion, according to a new report from the Google Threat Intelligence Group collection.
Google said that infiltrators, who have links to a group of regularly regular infiltrators in the United States, the United Kingdom and Western Europe called Com, have successfully violated the networks of at least 20 companies in the United States and Europe.
They are working by summoning employees and pretending to be supportive of information technology support, persuading them to provide sensitive accreditation data and use this to steal the Salesforce data, Google said in the report published on Wednesday. In some cases, the infiltrator was able to deceive the employee in connecting a harmful application to the Slesforce gate of their institution, allowing the infiltrator to steal the Salesforce data.
Some of the victims did not receive extortion request in exchange for deleting the data until months after it was stolen, according to the report. Google said that the infiltrators relied on the manipulation of its victims, not any weakness in the Salesforce tools.
“There is no indication that the described issue stems from any security vulnerability in our services,” said a spokesman for Salesforce in an email. “The attacks such as voicing are the targeted social engineering fraud designed to exploit gaps in cybersecurity awareness of individual users and best practices.”
In the March Blog post, the company noted that the threat actors were using social engineering techniques to storm the Slesforce accounts for its customers, and provided guidelines to protect from these attacks.
The Google report comes as a series of retailers that have been hacked in recent months. Marks & Spence Group PLC faces 300 million pounds ($ 406 million) that reaches operating profits this year due to the ransom attack in April. Group of British cooperative grocery group shortly revealed that she was also victims of the electronic attack. Adidas Ag and Victoria’s Secret & Co. Cartier and North Face are also on cyber security incidents in recent weeks. The Google report did not specify specific victims.
“Although we have seen this targeted group of retail, they also targeted other industries and we do not have enough information to link this group categorically to the recent hackers in the United States and the United Kingdom on a larger scale,” said Austin Larsen, the main threat analyst at the Google Group of Tensions.
Google said that the piracy group used the infrastructure and methods used by COM members previously. Members of the spider -spread piracy group, which was accused of a wide range of prominent attacks in recent years, many of which included impersonating information technology, was also linked to COM, which mostly consists of the intelligence of young people who organized on social media channels to steal the encrypted currency by controlling the numbers of victims’ phone phone.
Google urged companies to stay vigilant against the so -called social engineering attacks.
This story was originally shown on Fortune.com
Don’t miss more hot News like this! Click here to discover the latest in Business news!
2025-06-04 18:12:00
