You Are Here Home TECHNOLOGY Google Warns of Fake Salesforce App Used in Hack and Extortion Scheme

Google Warns of Fake Salesforce App Used in Hack and Extortion Scheme

Crime Today News - 05/06/2025 at 12:24
Google Warns of Fake Salesforce App Used in Hack and Extortion Scheme

There are plenty of legitimate apps that are not available in the Apple App Store or the Google Play Store. However, we have always cautioned that it’s best to download from these official stores just to be safe. If you ever needed a reason why, Google researchers have discovered a campaign where hackers trick company employees into installing a modified Salesforce app.

Google warns of modified Salesforce app

Google researchers discovered a group of hackers running an operation called “The Com,” which tricks company employees into using a modified Salesforce app. This modified app allows hackers to steal sensitive information, which is later used in an extortion scheme.

Speaking to Recorded Future News, Austin Larsen, principal threat analyst at Google’s Threat Intelligence Group, says, “A subset of organizations targeted by UNC6040 had data successfully exfiltrated. In some instances, extortion demands weren’t made until several months after the initial intrusion activity by UNC6040. This could suggest that UNC6040 has partnered with a second threat actor that monetizes access to the stolen data.”

This scam works by using a voice call to company employees. During the call, the hackers trick these employees into visiting a fake Salesforce-connected app setup page. On the page, employees are asked to approve the modified version of the app. In addition to stealing sensitive information, the hack goes one step further. It also allows the attacker to move through the company’s network.

This allows them to attack other parts of the company, including its cloud services and internal networks.

Salesforce responds

Following the report, Salesforce told Reuters that there is no indication that this could indicate a vulnerability on its platform. It also declined to share how many customers might have been affected by this social engineering scheme. However, it says that it is “not a widespread issue.”

For now, Salesforce is warning customers of potential voice phishing scams that involve the use of malicious and modified versions of Data Loader. That being said, a Google spokesperson told the publication that it estimates that roughly 20% of organizations have been targeted by this campaign.

This article first appeared on Android Headlines

📰 Crime Today News is proudly sponsored by DRYFRUIT & CO – A Brand by eFabby Global LLC

Design & Developed by Yes Mom Hosting

2 Likes

Crime Today News

Crime Today News is Hyderabad’s most trusted source for crime reports, political updates, and investigative journalism. We provide accurate, unbiased, and real-time news to keep you informed.

Related Posts

Tesla is reportedly blocking the city of Austin from releasing Robotaxi records

Tesla is reportedly blocking the city of Austin from releasing Robotaxi records

The ultimate flex for your gaming desk is 9 off right now

The ultimate flex for your gaming desk is $899 off right now

Dreamcast emulator drops iOS support following harassment

Dreamcast emulator drops iOS support following harassment

Retroid announced a dual-screen device, but not what you expect

Retroid announced a dual-screen device, but not what you expect

Detailed Health Metrics in Only 60 Seconds

Detailed Health Metrics in Only 60 Seconds

Is it wrong the iPhone's AI battery management is the only WWDC rumor I'm excited about?

Is it wrong the iPhone's AI battery management is the only WWDC rumor I'm excited about?