Google reveals a threat group, UNC6040, using sophisticated vishing campaigns to breach Salesforce and other corporate systems for data theft and extortion. Their tactics include impersonating IT support and tricking employees into authorizing malicious apps like a modified Salesforce Data Loader. #UNC6040 #TheCom
Keypoints
- UNC6040 specializes in voice phishing attacks targeting organizationsβ Salesforce instances.
- They use social engineering to manipulate employees into granting access through malicious Salesforce applications.
- The group breaches networks to access data across platforms such as Okta, Workplace, and Microsoft 365.
- Some attacks involve extortion, with hackers claiming links to ShinyHunters to pressure victims.
- Salesforce has issued warnings about impersonation campaigns to protect customer accounts.
Read More: https://thehackernews.com/2025/06/google-exposes-vishing-group-unc6040.html