Hackers are tricking employees at companies in Europe and the Americas into installing a modified version of a Salesforce-related app, allowing the hackers to steal reams of data, gain access to ...

"In these interactions, UNC6040 also directly requested user credentials and multifactor authentication codes to authenticate and add the Salesforce Data Loader application, facilitating data ...

The Data Loader app itself is real and is used to import, export, or change Salesforce records by connecting to the internal database.

Hackers are tricking employees at companies in Europe and the Americas into installing a modified version of a Salesforce-related app, allowing the hackers to steal reams of data, gain access to ...

Google’s Threat Intelligence Group says a vishing threat called UNC6040 has been targeting Salesforce applications with a fake data loader.

The campaign centers on Salesforce’s Data Loader, a bulk data management tool that lets users import, export, update, delete, or insert large volumes of records within the Salesforce platform.

Hackers are tricking employees at companies in Europe and the Americas into installing a modified version of a Salesforce-related app, allowing the hackers to steal reams of data, gain access to ...

Salesforce warned customers of voice phishing, or "vishing," attacks and of hackers abusing malicious, modified versions of Data Loader in a March 2025 blog post. (Reporting by AJ Vicens in ...

Hackers are tricking employees at companies in Europe and the Americas into installing a modified version of a Salesforce-related app, allowing the hackers to steal reams of data, gain access to ...