Hackers are tricking company employees into installing a fake version of a Salesforce app, according to Google. This app, once installed, allows hackers to steal data, access company systems, and demand money from businesses.
Read more: Did ChatGPT Just Remember What You Said? Big Update for Free Users — Here’s How It Works
How It Works:
The hackers—identified by Google’s Threat Intelligence Group as “UNC6040″—are targeting workers in Europe and the Americas. They use phone calls to fool employees into visiting a fake website that looks like it belongs to Salesforce. There, the employees unknowingly install a modified version of a real tool called Data Loader, which is normally used to upload large amounts of data into Salesforce.
Once installed, this fake app lets the hackers:
- Steal sensitive company data from Salesforce.
- Break into other cloud services and company systems.
Who’s Behind It:
Google believes the technical setup used in these attacks is linked to a loosely organized cybercrime group called “The Com.” This group is known for hacking and sometimes even violent crimes.
Impact So Far:
A Google spokesperson told reporters that around 20 organizations have been affected. Some of them had their data stolen.
Salesforce responded by saying:
- Their system itself is not vulnerable.
- The attacks are social engineering scams—hackers are tricking people, not breaking into systems directly.
- Only a small number of their customers were affected.
Also See: Samsung May Bring Perplexity AI to Galaxy S26, Bixby, and Samsung Internet
