Google has revealed that one of its Salesforce database systems, used for holding information on small- and medium-sized businesses, was breached by hackers. The intrusion has been attributed to ShinyHunters, a cybercrime group known for extorting companies with stolen data.
In a blog post on Tuesday, Google said it believed ShinyHunters, also known as UNC6040, was able to briefly access “basic and largely publicly available business information, such as business names and contact details,” before being booted from the system.
Google has not said whether it has received ransom requests in relation to the breach.
Hacking through ‘social engineering’
The notice of the breach came as an update to a June report from Google that warned of the hacking group’s extortion activities. Google said ShinyHunters were breaching company databases by using voice phishing, or “vishing,” a tactic that involves social engineering over the phone.
Members of ShinyHunters often pose as IT support personnel to trick company employees into granting access to restricted information. After gaining access to internal files, ShinyHunters will call the targeted companies again to demand a ransom.
“The extortion involves calls or emails to employees of the victim organization demanding payment in bitcoin within 72 hours,” Google wrote. “During these communications, UNC6240 has consistently claimed to be the threat group ShinyHunters.”
Google said it knows of no instances in which hackers gained access by exploiting any vulnerability in Salesforce. Instead, the hackers have solely relied on what they called “particularly effective” social engineering tactics.
“Threat actors are increasingly targeting IT support personnel as a primary vector for gaining initial access, exploiting their roles to compromise valuable enterprise data,” Google wrote. “The success of campaigns like UNC6040’s, leveraging these refined vishing tactics, demonstrates that this approach remains an effective threat vector for financially motivated groups seeking to breach organizational defenses.”
Group targets major companies
A ShinyHunters member told the tech site BleepingComputer this week that the group was responsible for the breach of a trillion-dollar company, but did not specify whether that meant Google.
The hacking group said it was considering leaking all the data without making any extortion attempts.
Other high-profile companies targeted by ShinyHunters include Adidas, AT&T, Cisco, Louis Vuitton, Dior and Tiffany & Co., among others.
Click this link for the original source of this article.
Author: Alan Judd
This content is courtesy of, and owned and copyrighted by, https://straightarrownews.com and its author. This content is made available by use of the public RSS feed offered by the host site and is used for educational purposes only. If you are the author or represent the host site and would like this content removed now and in the future, please contact USSANews.com using the email address in the Contact page found in the website menu.
