Malware Targeting Salesforce Users

'Dyre' Trojan Outlined in Alert to Customers
Malware Targeting Salesforce Users

Salesforce.com, a cloud-based customer relationship management provider, warns that malware known as Dyre is targeting certain customers. The company sees no evidence that any users have been impacted.

See Also: API vs. Proxy: Understanding How to Get the Best Protection from Your CASB

In an e-mail sent to Salesforce.com users Sept. 6, the company explains it was notified on Sept. 3 by its security partners that Dyre was targeting some Salesforce.com users. The e-mail describes Dyre as a malware "which typically targets customers of large, well-known financial institutions."

The news follows an Aug. 21 blog by online security firm Proofpoint that detailed a large-scale credential phishing scheme aimed at JPMorgan Chase customers using the Dyre banking Trojan (see: Alleged Bank Hack Tied to Phishing?).

Salesforce.com says it is continuing its investigation. If it's determined customers are impacted by the malware, the company will reach out to them with next steps and further guidance, the e-mail says.

"This is not a vulnerability within Salesforce," the e-mail says. "It is malware that resides on infected computer systems and is designed to steal user log-in credentials," Salesforce says.

The company recommends that customers work with their IT security team to ensure their security controls are able to detect the Dyre malware. Those who believe they've been infected by the Dyre malware can open a security support case with Salesforce.


About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.




Around the Network