"The SaaS Security firm vendor Adallom, detected a malware-based campaign against Salesforce.com users, the Zeus variant used implements the web crawling capabilities to grab sensitive business data from the CRM. The attacks originated from Salesforce employee’s home computer, this variant of Zeus trojan crawled the site and created a real-time copy of the user’s Salesforce.com instance that included all the company account data.
“We’ve been internally referring to this type of attack as “landmining”, since the attackers laid “landmines” on unmanaged devices used by employees to access company resources. The attackers, now bypassing traditional security measures, wait for the user to connect to *.my.salesforce.com in order to exfiltrate company data from the user’s Salesforce instance.” reported the official post issued by Adallom.
Experts at Adallom discovered the campaign because they noted that approximately 2GB of data had been downloaded to the victim’s computer in a few minutes; the malware authors exploited Zeus web inject capabilities for the purpose of data harvesting and exfiltration."
"The Android Malware dubbed as 'Backdoor.AndroidOS.Torec.a', using Tor hidden service protocol for stealth communication with Command-and-Control servers.
Researchers detected that the Trojan is running from a .onion Tor domain and works on the functionality of an open source Tor client for Android mobile devices, called 'Orbot', thus eliminating the threat of the botnet being detected and blocked by law enforcement authorities, although often it's not clear how many devices have been infected by this malware till now."