It appears that hackers managed to penetrate the secure internal network of tech titan Google, leveraging their Salesforce account as a way into the system.
According to the tech titan, a hacking collective called “ShinyHunters,” who are infamous for exploiting big companies through deceptive social engineering methods, managed to infiltrate the firm’s database systems.
It has been reported that ShinyHunters is associated with cyber attacks on several prominent corporations, including AT&T Wireless, Microsoft, Mashable, and numerous others of significant size.
In June, Google announced that they have conclusively identified an incident where the cybercriminal group known as ShinyHunters managed to infiltrate one of their systems integrated with Salesforce, a renowned CRM service provider.
In June, a Google corporate Salesforce system was affected by activity similar to what’s detailed in this post (specifically UNC6040). Recognizing this activity, Google took action, conducted an assessment of the damage, and initiated measures to counteract it.
The system was employed for storing contact info and relevant notes of small and medium-sized enterprises. An investigation found out that during a brief period, this data was accessed by a potential threat. This information accessed includes essential business details like names and contacts, which are generally open to public knowledge.
Hackers reportedly initiate their scheme by making a call impersonating Salesforce staff members, aiming to get hold of a Salesforce account. This deception often leads to the theft of the account’s data. The stolen information can either be sold on underground online markets known as the “dark web” or used for extortion purposes.
Says Google,
Voice phishing, often referred to as vishing, is a deceitful practice where criminals impersonate trusted entities to trick individuals into revealing sensitive information. This method isn’t new or groundbreaking; it has been extensively used by numerous fraudulent groups seeking financial gain over the past few years, with varying degrees of success.
However, UNC6040’s campaign stands out due to its specialization in stealing data from Salesforce systems. This action highlights a growing issue: cybercriminals are frequently exploiting IT support staff as a primary means of gaining entry and ultimately accessing valuable business data.
The UNC6040 campaign is unique because it’s about taking data from Salesforce systems. This act shows that hackers are often using IT helpers as a way to sneak into companies and get their hands on important information.
Read More
- SOL PREDICTION. SOL cryptocurrency
- ETH PREDICTION. ETH cryptocurrency
- Brent Oil Forecast
- WLD PREDICTION. WLD cryptocurrency
- EUR USD PREDICTION
- USD IDR PREDICTION
- EUR AUD PREDICTION
- USD CLP PREDICTION
- TAO PREDICTION. TAO cryptocurrency
- XRP AUD PREDICTION. XRP cryptocurrency
2025-08-17 17:51