A faulty software update released earlier this month disrupted vital services such as banks, hospitals, and airlines, affecting 8.5 million Microsoft Windows computers worldwide.
The problem was resolved by subsequent fixes from CrowdStrike and Microsoft, but not before hackers took advantage of the outage. India’s CERT-In shared 25 URLs for businesses to block, in addition to alerting them about phishing campaigns and malware linked to this incident.
Earlier this month, several businesses across the world came to a standstill because of a flawed security update that the US-based cybersecurity company CrowdStrike pushed to Microsoft Windows machines. The defective update disrupted airlines, banks, hospitals, and other critical services, affecting about 8.5 million machines running Microsoft’s Windows operating system across the world.
Microsoft and CrowdStrike released patches to restore affected machines, a process that often took days. As with practically all major events, good or bad, hackers and cybercriminals quickly exploited the breakdown. Cybersecurity organizations from around the world, including those in the US, UK, Australia, and Canada, have issued alerts about hackers using the CrowdStrike outage to target businesses. The Indian government’s cybersecurity office, CERT-In, has also alerted businesses in the country to potential hacking attacks linked to the CrowdStrike outage.
CERT-In stated in an advisory that there is a report of an ongoing phishing campaign that targets users of CrowdStrike and uses this vulnerability to carry out the following malicious activities: sending emails posing as CrowdStrike support to customers; impersonating CrowdStrike staff in phone calls; selling software scripts that claim to automate recovery from the content update issue; and distributing trojan malware that poses as recovery tools.
It went on to say that these attack tactics might persuade an unwary user to download and install unknown software, which could result in the loss of data, system crashes, and the exposure of sensitive information. Additionally, CERT-In has released a list of 25 URLs that it considers hazardous and asks businesses to block on their networks.