Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Hackers are already targeting users with fake CrowdStrike fixes — here's what we've seen so far

Crowdstrike logo.

Companies suffering from the CrowdStrike patching fiasco should be careful with their emails , as cybercriminals are taking advantage of the situation to push malware, experts have warned. 

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning concerning an ongoing phishing campaign, telling users to “avoid clicking on phishing emails or suspicious links.”

CISA says it has already observed multiple campaigns in which crooks either impersonated CrowdStrike, or presented themselves as IT pros capable of quickly fixing the problem. In at least one of such emails, the fraudsters asked for money in cryptocurrencies, in exchange for a fix.

Phishing attacks

A seperate warning from AnyRun highlighted a malware campaign targeting BBVA bank customers offering a fake CrowdStrike Hotfix update that actually installs the Remcos remote access tool (RAT).

Many organizations around the world were forced to pause their operations, either partly, or entirely, due to a faulty CrowdStrike patch that bricked their Windows PCs. 

Banks, airlines, TV broadcasters, and many other organizations all over the world faced the dreaded Blue Screen of Death, and started scrambling for a solution.

Apparently, the best way to fix the issue is either to delete the faulty file via Safe Mode, or to keep the Windows device running long enough for the fix for the patch to download and install.

In the meantime, cybercriminals jumped at the opportunity to use this global event for personal gain.

One thing that’s in common for virtually all phishing emails is that they carry a sense of urgency with them, and in that regard - events such as this one are ideal. In the past, security researchers have observed hackers abusing sports events such as the Olympic Games, FIFA World Cup, Super Bowl, and others, to trick people into downloading malware, by promising affordable tickets for the events, if they hurry and buy them. 

Via BleepingComputer

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.