Government warns of phishing attack on CrowdStrike users

Indian cybersecurity agency CERT-In has reported that users affected by the recent global computer outage are now falling victim to phishing attacks. Scammers are posing as CrowdStrike support staff and offering system recovery tools, but instead installing malware.

A CERT-In alert published on Saturday warns that these attacks could trick unsuspecting users into installing unidentified malware, potentially leading to data leaks and system crashes. The global computer outage on July 19, caused by a faulty update to the CrowdStrike Falcon sensor software, resulted in Microsoft Windows operating system crashes, flight groundings, and compromised business, banking, and hospital systems worldwide, reported PTI.

Although the systems have since been restored with official fixes from CrowdStrike and Microsoft, attackers are selling software scripts that supposedly automate the recovery. CERT-In notes that these phishing attackers are also distributing Trojan malware disguised as recovery tools.

In phishing attacks, scammers pose as legitimate and official entities via email, SMS or phone call in order to trick their victims into revealing sensitive personal information such as banking details and login credentials.

CERT-In, the federal agency responsible for combating cyberattacks and protecting online spaces, has advised users and organizations to configure firewalls to block 31 types of URLs, including “crowdstrikeoutage(.)info” and “www.crowdstrike0day(.)com,” as well as numerous hashes.
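To show how a blocklist written in that defanged “(.)” notation can be checked against web traffic, here is an added example (not part of the CERT-In advisory or the original report). The log format, client addresses and the choice to treat a “www.” indicator as covering the whole domain are assumptions; only the two domains come from the article.

```python
import re
from urllib.parse import urlsplit

# The two indicators quoted in the article, kept in defanged form.
DEFANGED = ["crowdstrikeoutage(.)info", "www.crowdstrike0day(.)com"]

def refang(indicator):
    """Convert 'example(.)com', 'example[.]com' or 'hxxp://...' to matchable form."""
    s = indicator.strip().lower()
    s = re.sub(r"[\(\[\{]\.[\)\]\}]", ".", s)
    return re.sub(r"^hxxp", "http", s)

def host_of(value):
    """Hostname of a URL or bare host, without port, trailing dot or leading 'www.'."""
    s = refang(value)
    if "://" not in s:
        s = "//" + s  # lets urlsplit parse a bare hostname
    host = (urlsplit(s).hostname or "").rstrip(".")
    # Assumption: a 'www.' indicator is taken to cover the whole domain.
    return host[4:] if host.startswith("www.") else host

BLOCKED = {host_of(d) for d in DEFANGED}

def is_blocked(value):
    """True for a blocked domain or any subdomain of it; never a substring match."""
    labels = host_of(value).split(".")
    return any(".".join(labels[i:]) in BLOCKED for i in range(len(labels)))

# Constructed proxy log lines: timestamp, client address, requested URL.
SAMPLE_LOG = [
    "2024-07-27T09:14:02Z 10.0.4.17 https://www.crowdstrike.com/blog/",
    "2024-07-27T09:15:40Z 10.0.4.23 http://crowdstrikeoutage.info/download",
    "2024-07-27T09:16:05Z 10.0.4.23 https://cdn.crowdstrike0day.com:8443/a",
    "2024-07-27T09:17:31Z 10.0.4.31 https://crowdstrikeoutage.info.example.org/",
]

def flag_requests(lines):
    """Return (client, host) for every request to a blocked domain."""
    hits = []
    for line in lines:
        _ts, client, url = line.split()
        if is_blocked(url):
            hits.append((client, host_of(url)))
    return hits

if __name__ == "__main__":
    for client, host in flag_requests(SAMPLE_LOG):
        print(f"blocked domain requested by {client}: {host}")
```

Matching on whole DNS labels keeps the legitimate vendor site and lookalike hosts that merely contain a blocked name from being flagged.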

The advisory also recommends several cyber hygiene best practices: obtain software patch updates from authentic sources, avoid documents with “.exe” links, be cautious of suspicious phone numbers, only click on URLs with unique website domains, and use secure browsing and filtering tools and appropriate firewalls.

“Make sure websites have valid encryption certificates by looking for the green lock in the browser address bar before entering sensitive information such as personal details or account credentials,” the warning continues.
