Table of Contents
CrowdStrike users facing phishing attacks to plant malware: CERT-In
The world suffered a major computer system outage on July 19 due to a faulty update to the CrowdStrike Falcon Sensor software
In this photo illustration, the CrowdStrike logo is displayed on a cell phone and computer monitor on July 19, 2024 in Los Angeles. Photo: Getty Images via AFP
The Indian cyber security agency CERT-In has said users impacted by the recent global computer outage are being targeted with phishing attacks. Fraudsters impersonating CrowdStrike support staff are offering to help them with system recovery tools and using the opportunity to install malware.
According to a CERT-In advisory issued on Saturday, these attacks could “entice an unsuspecting user to install unidentified malware, which could lead to data leakage and crashes.” The world suffered a major computer system outage on July 19 due to a faulty update to the CrowdStrike Falcon Sensor software, leading to a crash of the Microsoft Windows operating system. The event grounded numerous flights and hit business, banking, and hospital systems across the globe.
Related Stories
-
CrowdStrike CEO: 97% of Windows sensors hit by outage back up now
-
CrowdStrike CEO George Kurtz called to testify to U.S. Congress over cybersecurity firm’s role in global Microsoft tech outage
-
CrowdStrike fallout | Why did your home Windows PC survive the Microsoft outage?
-
CrowdStrike releases the details behind Microsoft Windows outage
-
Microsoft CrowdStrike outage | Malicious actors trying to exploit tech outage for their own gain
Systems have now recovered with CrowdStrike and Microsoft releasing official fixe.
Trojan malware
The attackers sell software scripts purporting to automate recovery, CERT-In said. The phishing attackers are also distributing “Trojan” malware. which they are calling recovery tools. CERT-In said.
A phishing attack is the fraudulent practice of impersonating reputed and official names and identities through email, text messages, or phone calls to trick the victim into sharing sensitive personal information like banking and credit card details and login or identity information.
CERT-In is the federal technology agency that combats cyber-attacks and guards the online space against phishing and hacking attempts and other cyber-attacks.
The advisory asked users and organisations to configure firewalls to block 31 types of URLs, like 'crowdstrikeoutage[.]info' and 'www.crowdstrike0day[.]com' among others apart from a number of hashes.
Cyber hygiene
The advisory asked users to deploy trusted cyber hygiene practices: to obtain software patch updates from authentic websites and sources; to avoid clicking documents with links to ".exe," as they are almost certainly malicious files disguised as legitimate documents; and to be cautious of suspicious phone numbers, as scammers often mask their identity by using email-to-text services to conceal their actual phone number.
It also suggested users only click URLs that have clear website domains and use safe browsing and filtering tools, apart from appropriate firewalls.
"Look out for valid encryption certificates by checking for the green lock in the browser's address bar, before providing any sensitive information, such as personal particulars or account login details," it said.
Read Comments
- Copy link
- Telegram
READ LATER
Remove
SEE ALL
PRINT
Related Topics
cyber crime
/
IT/computer sciences
/
computing and information technology