| ⓘ This advisory addresses new phishing attempts related to CrowdStrike’s Falcon sensor crash. |
Attention Constituents:
Since CrowdStrike deployed its international Falcon sensor fix last Friday, 19 July 2024, Crowd Strike Intelligence has identified that threat actors are leveraging this event for malicious purposes such as:
- Distributing a malicious zip file named “crowdstirke-hotfix.zip”;
- Establishing fraudulent domains to mimic CrowdStrike;
- Sending phishing emails posing as CrowdStrike support to customers;
- Impersonating CrowdStrike staff in phone calls; and
- Claiming to have evidence that the technical issue is linked to a cyberattack and offering remediation insights.
| Recommendations |
| CIRT-BS recommends that organisations communicate with CrowdStrike representatives through official channels only and adhere to technical guidance provided by the CrowdStrike support teams. |
For more information on this topic, please see the following links:
Best,
|
