Salesforce warns subscribers of malware threat

In theory, cloud computing should  be safer than dealing with on-premise applications, which have to be tested before patching to ensure compatibility with other enterprise software. Cloud providers merely have to patch their own systems.

But as the iCloud celebrity nude photos breach has proven, there are still vulnerabilities. Salesforce has reinforced this by issuing a caution to subscribers that the Dyre malware (also known as Dyreza) may be targeting them.

In a notification to users the SaaS provider said a security partner notified it of the possibility.”This is not a vulnerability within Salesforce,” the statement said. “It is malware that resides on infected computer systems and is designed to steal user log-in credentials and resides on infected customer systems.

So far, it added, it has no evidence yet that any customers have been hit.

Salesforce advises customers and IT departments to

  • activate IP Range Restrictions to allow users to access only from your corporate network or VPN;
  • use SMS Identity Confirmation to add an extra layer of login protection when salesforce credentials are used from an unknown source
  • implement Salesforce#, which provides an additional layer of security with two-step verification. The app is available via the iTunes App Store or via Google Play for Android devices.
  • leverage SAML authentication capabilities to require that all authentication attempts be sourced from your network.

According to the CSIS Security Group of Copenhagen, which first discovered the malware in June, Dyreza is based on the ZeuS sourcecode that targets major banks and supports browser hooking. Delivered through spam campaigns, it sweeps up data at any point an infected computer user connects to the targets specified in the malware.




Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Featured Article

ADaPT connects employers with highly skilled young workers

Help wanted. That’s what many tech companies across Canada are saying, and research shows that as the demand for skilled workers...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now