Salesforce warns customers of Dyre malware situation

Salesforce warns customers of possible hack attempt

Salesforce has uncovered an advanced cyber attack campaign it believes “may” be targeting customers with the the Dyre malware.

Salesforce issued a security advisory confirming it first found evidence of the attack on 3 September, but added that it is yet to see any evidence of a successful exploit.

“On 3 September 2014 one of our security partners identified that the Dyre malware (also known as Dyreza), which typically targets customers of large, well-known financial institutions, may now also target some Salesforce users,” read the advisory.

“We currently have no evidence that any of our customers have been impacted by this, and we are continuing our investigation. If we determine that a customer has been impacted by this malware, we will reach out to them with next steps and further guidance.”

Dyre is a data-stealing malware designed to harvest key bits of information including user login credentials from infected customer systems.

Salesforce said, despite the lack of evidence of a successful exploit, IT managers should still ensure the antivirus solution is equipped to detect and block Dyre. The firm declined V3‘s request for more details.

IBM Trusteer director of Enterprise Security Dana Tamir said the advisory is indicative of a wider evolution in cyber criminal attack practices and warned to expect further campaigns using tools such as Dyre to appear in the near future.

“Over the years, malware developers significantly extended the functionality of these malware families, creating various new variants,” said Tamir.

“The use of massively distributed malware means attackers don’t need to spear-phish targets or design custom malware. Instead, they use mass distribution techniques to infect as many PCs as possible.

“These malware distribution campaigns can use malicious email attachments, drive-by downloads, watering hole attacks, and social engineering schemes to infect millions of PCs around the world.”

The news follows a high-profile cyber strike on JP Morgan. News of the attack broke when JP Morgan confirmed the FBI is looking into a cyber raid believed to have been carried out by Russian hackers in August.

If the article suppose to have a video or a photo gallery and it does not appear on your screen, please Click Here

9 September 2014 | 10:47 am – Source: v3.co.uk

Leave a Reply

Your email address will not be published.