The Zeus malware family is known as a cause of identity theft of financial and banking details. A new variation of the Zeus Banking Trojan Targets Salesforce accounts and SaaS Applications. Zeus comes in many different forms and flavors, is capable to steal users online banking credentials once installed.
The Adallom Labs team recently discovered an unusual variant of the Zeus trojan that targets Salesforce users. In a blog post, the Adallom Labs team said:
We’ve been internally referring to this type of attack as “landmining”, since the attackers laid “landmines” on unmanaged devices used by employees to access company resources. The attackers, now bypassing traditional security measures, wait for the user to connect to *.my.salesforce.com in order to exfiltrate company data from the user’s Salesforce instance.