Menu
Salesforce warns customers of malware attack

Salesforce warns customers of malware attack

A new version of the Dyreza online banking Trojan is stealing Salesforce.com log-in credentials

Salesforce.com users are being targeted by a new version of a computer Trojan that has typically attacked online banking customers until now.

The malware threat is called Dyre or Dyreza and came to light in June. Like most online banking Trojans, it hooks the browser process to capture log-in credentials entered by users on websites belonging to financial institutions.

The original Dyre version found in June by researchers from PhishMe and CSIS Security Group targeted the sites of Bank of America, NatWest, Citibank, RBS and Ulsterbank. However, it appears the program's creators have recently added Salesforce.com to the list.

"On September 3, 2014, one of our security partners identified that the Dyre malware (also known as Dyreza), which typically targets customers of large, well-known financial institutions, may now also target some Salesforce users," Salesforce said in a security advisory published on its website.

"We currently have no evidence that any of our customers have been impacted by this, and we are continuing our investigation," the company said. "If we determine that a customer has been impacted by this malware, we will reach out to them with next steps and further guidance."

Salesforce advised customers to use the platform's IP range restriction feature to allow access to accounts only from trusted corporate networks and VPNs. Enabling two-factor authentication via the Salesforce# mobile app and turning on SMS-based identity confirmation for log-in attempts from unknown sources is also recommended.

Dyreza is not the first malware program to target Salesforce. In February, researchers from a security firm called Adallom found a variant of the well-known Zeus Trojan that had been modified to scrape business data from compromised Salesforce accounts.

"This alert is yet another in a growing number of wakeup calls for SaaS [Software-as-a-Service] adopters that you cannot rely exclusively on your SaaS provider to secure your data inside of their SaaS application," the Adallom researchers said following the new Salesforce alert. "From the perspective of Salesforce.com, this is not a vulnerability within Salesforce since the malware resides on infected customer computer systems, and therefore only the affected customer is accountable for any data that is modified, exfiltrated, or deleted through this attack."

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags securitySalesforce.comphishmeAdallomAccess control and authenticationspywareCSIS Security Groupdata protectionmalware

Featured

Slideshows

Educating from the epicentre - Why distributors are the pulse checkers of the channel

Educating from the epicentre - Why distributors are the pulse checkers of the channel

​As the channel changes and industry voices deepen, the need for clarity and insight heightens. Market misconceptions talk of an “under pressure” distribution space, with competitors in that fateful “race for relevance” across New Zealand. Amidst the cliched assumptions however, distribution is once again showing its strength, as a force to be listened to, rather than questioned. Traditionally, the role was born out of a need for vendors and resellers to find one another, acting as a bridge between the testing lab and the marketplace. Yet despite new technologies and business approaches shaking the channel to its very core, distributors remain tied to the epicentre - providing the voice of reason amidst a seismic industry shift. In looking across both sides of the vendor and partner fences, the middle concept of the three-tier chain remains centrally placed to understand the metrics of two differing worlds, as the continual pulse checkers of the local channel. This exclusive Reseller News Roundtable, in association with Dicker Data and rhipe, examined the pivotal role of distribution in understanding the health of the channel, educating from the epicentre as the market transforms at a rapid rate.

Educating from the epicentre - Why distributors are the pulse checkers of the channel
Kiwi channel reunites as After Hours kicks off 2017

Kiwi channel reunites as After Hours kicks off 2017

After Hours made a welcome return to the channel social calendar last night, with a bumper crowd of distributors, vendors and resellers descending on The Jefferson in Auckland to kickstart 2017. Photos by Maria Stefina.

Kiwi channel reunites as After Hours kicks off 2017
Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow Electronics introduced Tenable Network Security to local resellers in Sydney last week, officially launching the distributor's latest security partnership across Australia and New Zealand. Representing the first direct distribution agreement locally for Tenable specifically, the deal sees Arrow deliver security solutions directly to mid-market and enterprise channel partners on both sides of the Tasman.

Arrow exclusively introduces Tenable Network Security to A/NZ channel
Show Comments