Following the significant IT outage linked to a faulty software update by cybersecurity giant CrowdStrike, hackers have quickly moved in to exploit the ensuing confusion.
Both the US Cybersecurity and Infrastructure Security Agency (CISA) and the UK’s National Cyber Security Centre (NCSC) have issued warnings about a spike in phishing emails falsely claiming to be from CrowdStrike.
These phishing attempts are designed to take advantage of organizations and individuals desperate for solutions amidst the hectic situation, which has affected thousands of companies worldwide and impacted various sectors, including aviation, finance, healthcare, and education. Threat intelligence firms such as McAfee and Any.Run have observed phishing emails delivering malware such as HijackLoader and Remcos RAT, which can compromise system security and steal sensitive information.
Why It Matters: The aftermath of the CrowdStrike IT outage highlights the opportunistic nature of cybercriminals who exploit crises to launch phishing and malware attacks. CrowdStrike and other tech firms have provided resources to assist affected parties, but cybercriminals are capitalizing on the situation to spread malware and scams. This compounds the problem: businesses already dealing with potential loss of functionality due to the outage must also stay on guard against threat actors taking advantage of the chaos.
- Rise in Phishing Emails: Both CISA and NCSC have reported a significant increase in phishing emails from threat actors posing as CrowdStrike, attempting to exploit the confusion caused by the IT outage. The outage has affected over 29,000 enterprise customers, making them prime targets for phishing and malware attacks.
- Phishing Domains Registered: In addition to malicious links and downloads spread through phishing emails, cybersecurity researchers have identified several new domains mimicking CrowdStrike, intended to deceive users into downloading malware or paying for fake fixes.
- Government and Corporate Responses: Government agencies and cybersecurity companies have issued alerts and guidelines to help users identify and avoid these malicious attempts, emphasizing the importance of verifying sources and avoiding suspicious links.
Go Deeper -> CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams – Security Week
Don’t Fall for It: Hackers Pounce on CrowdStrike Outage With Phishing Emails – PC Mag