{"id":331,"date":"2014-09-23T18:53:27","date_gmt":"2014-09-23T18:53:27","guid":{"rendered":"https:\/\/solutionsreview.com\/identity-management\/?p=331"},"modified":"2014-09-23T18:53:27","modified_gmt":"2014-09-23T18:53:27","slug":"trojan-malware-infecting-salesforce-clients","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/identity-management\/trojan-malware-infecting-salesforce-clients\/","title":{"rendered":"Trojan Malware Infecting Salesforce Clients"},"content":{"rendered":"

\"Trojan<\/a>A warning from Jeff Cozza of NewsFactor to cloud platform, and especially Salesforce users: the “Dyre” or “Dyreza” Trojan Malware has been infecting Salesforce users’ systems in order to seal users’ log in credentials. The new virus, detected by a Salesforce security partner on September 3, appears to be a threat not only to Salesforce users, however, but any cloud platform that relies on only a username and password to access.<\/p>\n

The Dyre Malware is a specific type of Trojan called a “remote access Trojan,” which means it can bypass SSL encryption in order to steal your log in creds, usually after a successful Phishing attack, where an unsuspecting user clicks on a link inside an innocuous looking email. It then proceeds to steal business data from those accessed accounts. Dyre, another iteration of the Zeus Trojan, began its life\u00a0 by going after users of financial institutions like Bank of America, Citbank, NatWest, RBS and Ulster Bank in order to steal their cash. It has now spread beyond the world of Finance, and appears to be an attempt to steal corporate data on a massive scale.<\/p>\n

To be fair, NewsFactor notes that this is not the first time Salesforce has been targeted:<\/p>\n

in February, the customer relationship management system provider was targeted by yet another Zeus variant that managed to steal corporate data through a user who had logged onto the service through an infected system.<\/p><\/blockquote>\n

A pretty similar story to what is happening now, although it is obvious Salesforce is not yet sure of the scope of the problem, despite the usual protestations of not being aware of any customer impact. The Cloud CRM company has therefore asked its users to take the following precautions:<\/p>\n

activate IP Range Restrictions to allow users to access the Salesforce site only from clients’ corporate networks or VPNs, use SMS Identity Confirmation to add an extra layer of log-in protection when Salesforce credentials are used from an unknown source, implement the company’s 2-step verification process, which is available as an app via the iTunes App Store or Google Play for Android devices, and leverage SAML authentication capabilities to require that all authentication attempts be sourced from client networks.<\/p><\/blockquote>\n

Salesforce also recommended that users make sure their anti-malware solution can detect Dyre and to add the Trojan’s signature to your anti-virus software. Of course, if you are a Salesforce client and believe you’ve been hacked, Salesforce asks that you also immediately contact Salesforce’s security support team.<\/p>\n

For NewsFactor article which discusses this cyber security threat, click here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

A warning from Jeff Cozza of NewsFactor to cloud platform, and especially Salesforce users: the “Dyre” or “Dyreza” Trojan Malware has been infecting Salesforce users’ systems in order to seal users’ log in credentials. The new virus, detected by a Salesforce security partner on September 3, appears to be a threat not only to Salesforce […]<\/p>\n","protected":false},"author":1,"featured_media":336,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[6],"tags":[],"acf":[],"yoast_head":"\nMalware Infecting Salesforce Clients and Stealing Log In Credentials<\/title>\n<meta name=\"description\" content=\""Dyre" or "Dyreza," based off of the Zeus Trojan, shows the need for two-factor authentication says Salesforce, but other cloud platforms are at still risk.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/identity-management\/trojan-malware-infecting-salesforce-clients\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Doug Atkinson\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/trojan-malware-infecting-salesforce-clients\/\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/trojan-malware-infecting-salesforce-clients\/\",\"name\":\"Malware Infecting Salesforce Clients and Stealing Log In Credentials\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/trojan-malware-infecting-salesforce-clients\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/trojan-malware-infecting-salesforce-clients\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/09\/Trojan-Malware-Infecting-Salesforce-Clients.jpg\",\"datePublished\":\"2014-09-23T18:53:27+00:00\",\"dateModified\":\"2014-09-23T18:53:27+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae\"},\"description\":\"\\\"Dyre\\\" or \\\"Dyreza,\\\" based off of the Zeus Trojan, shows the need for two-factor authentication says Salesforce, but other cloud platforms are at still risk.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/trojan-malware-infecting-salesforce-clients\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/identity-management\/trojan-malware-infecting-salesforce-clients\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/trojan-malware-infecting-salesforce-clients\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/09\/Trojan-Malware-Infecting-Salesforce-Clients.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/09\/Trojan-Malware-Infecting-Salesforce-Clients.jpg\",\"width\":600,\"height\":270,\"caption\":\"Trojan Malware Infecting Salesforce Clients\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/trojan-malware-infecting-salesforce-clients\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/identity-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Trojan Malware Infecting Salesforce Clients\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/\",\"name\":\"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, & Services\",\"description\":\"Identity Access Management (IAM) News, Best Practices and Buyer's Guide\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae\",\"name\":\"Doug Atkinson\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=mm&r=g\",\"caption\":\"Doug Atkinson\"},\"description\":\"An entrepreneur and executive with a passion for enterprise technology, Doug founded Solutions Review in 2012. He has previously served as a newspaper boy, a McDonald's grill cook, a bartender, a political consultant, a web developer, the VP of Sales for e-Dialog - a digital marketing agency - and as Special Assistant to Governor William Weld of Massachusetts.\",\"sameAs\":[\"https:\/\/solutionsreview.com\"],\"url\":\"https:\/\/solutionsreview.com\/identity-management\/author\/doug-atkinson-4\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Malware Infecting Salesforce Clients and Stealing Log In Credentials","description":"\"Dyre\" or \"Dyreza,\" based off of the Zeus Trojan, shows the need for two-factor authentication says Salesforce, but other cloud platforms are at still risk.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/identity-management\/trojan-malware-infecting-salesforce-clients\/","twitter_misc":{"Written by":"Doug Atkinson","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/identity-management\/trojan-malware-infecting-salesforce-clients\/","url":"https:\/\/solutionsreview.com\/identity-management\/trojan-malware-infecting-salesforce-clients\/","name":"Malware Infecting Salesforce Clients and Stealing Log In Credentials","isPartOf":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/identity-management\/trojan-malware-infecting-salesforce-clients\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/identity-management\/trojan-malware-infecting-salesforce-clients\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/09\/Trojan-Malware-Infecting-Salesforce-Clients.jpg","datePublished":"2014-09-23T18:53:27+00:00","dateModified":"2014-09-23T18:53:27+00:00","author":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae"},"description":"\"Dyre\" or \"Dyreza,\" based off of the Zeus Trojan, shows the need for two-factor authentication says Salesforce, but other cloud platforms are at still risk.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/identity-management\/trojan-malware-infecting-salesforce-clients\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/identity-management\/trojan-malware-infecting-salesforce-clients\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/trojan-malware-infecting-salesforce-clients\/#primaryimage","url":"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/09\/Trojan-Malware-Infecting-Salesforce-Clients.jpg","contentUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2014\/09\/Trojan-Malware-Infecting-Salesforce-Clients.jpg","width":600,"height":270,"caption":"Trojan Malware Infecting Salesforce Clients"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/identity-management\/trojan-malware-infecting-salesforce-clients\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/identity-management\/"},{"@type":"ListItem","position":2,"name":"Trojan Malware Infecting Salesforce Clients"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/identity-management\/#website","url":"https:\/\/solutionsreview.com\/identity-management\/","name":"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, & Services","description":"Identity Access Management (IAM) News, Best Practices and Buyer's Guide","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae","name":"Doug Atkinson","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=mm&r=g","caption":"Doug Atkinson"},"description":"An entrepreneur and executive with a passion for enterprise technology, Doug founded Solutions Review in 2012. He has previously served as a newspaper boy, a McDonald's grill cook, a bartender, a political consultant, a web developer, the VP of Sales for e-Dialog - a digital marketing agency - and as Special Assistant to Governor William Weld of Massachusetts.","sameAs":["https:\/\/solutionsreview.com"],"url":"https:\/\/solutionsreview.com\/identity-management\/author\/doug-atkinson-4\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/331"}],"collection":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/comments?post=331"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/331\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media\/336"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media?parent=331"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/categories?post=331"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/tags?post=331"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}