CrowdStrike Chaos Sparks Surge in Phishing Attacks
July 20, 2024 | 2 min read
Understanding the Crisis: What Happened and Where We Stand
On July 19, 2024, CrowdStrike, a leading cybersecurity firm, experienced a major global outage impacting numerous organizations worldwide. This disruption was caused by a faulty update to CrowdStrike’s Falcon Sensor software, which is extensively used by businesses and government agencies.
Phishing attacks and more
In the wake of this incident, an ongoing phishing campaign has emerged, targeting CrowdStrike users. Cybercriminals are exploiting the outage to conduct various malicious activities, including:
Sending phishing emails disguised as CrowdStrike support to customers
Impersonating CrowdStrike staff in phone calls
Pretending to be independent researchers with false claims that the technical issue is related to a cyberattack, and offering dubious remediation advice
Selling scripts that falsely claim to automate recovery from the update issue
Several malicious domains associated with this phishing campaign, which impersonate the CrowdStrike brand, have been identified. System administrators are advised to update firewall rules to block connections to these domains to protect their networks.
Figure 1: List of Identified malicious domains
United in Resilience Through Challenging Times
As we navigate the aftermath of this significant incident, it’s vital for organizations to support one another rather than exploit each other’s challenges. The current phishing surge reminds us of the importance of solidarity in the cybersecurity community. By working together and sharing resources, we can all enhance our defenses and better protect our networks.
During these times, the role of advanced security solutions becomes even more critical. Tools designed to safeguard against domain impersonation and detect phishing attempts can provide valuable protection. It’s worth considering how such resources can help strengthen your organization’s resilience against these threats.
By fostering a collaborative approach and utilizing effective security measures, we can collectively address these challenges and build a more secure digital environment. Let’s turn this situation into an opportunity for growth and enhanced mutual protection.
Skysnag helps busy engineers enforce DMARC, responds to any misconfigurations for SPF or DKIM which increases email deliverability, and eliminates email spoofing and identity impersonation.
