Cybercriminals Exploit CrowdStrike Outage with Phishing Scams and Fake Domains
Nearly 37,000 employees from major companies have fallen victim, leading to malware infections and ransom demands.
image for illustrative purpose
In the wake of the CrowdStrike software outage, cybercriminals have exploited the situation by launching phishing campaigns and creating fake domains pretending to offer solutions.
These attacks, targeting companies affected by the July incident, have led to the creation of fraudulent domains like crowdstrikefixer.com.
According to Cyfirma, nearly 37,000 employees from top global companies have fallen victim to these phishing scams, which have been used to deliver malware and demand ransoms.
Since the outage started on July 19, 900 malicious domains have been identified by Cyfirma.
CrowdStrike’s faulty update caused a widespread blue screen of death (BSOD) affecting over eight million Windows computers. Cybercriminals are using the confusion from this incident to gain unauthorized access to sensitive systems.
Sundareshwar K from PwC India highlights that such large-scale disruptions create ideal conditions for cybercriminals.
He advises organisations to first contain any ransomware attacks and then restore systems from backups to mitigate the impact.
