Scammers seize on CrowdStrike confusion

Phishing emails and calls purportedly from CrowdStrike staff have been detected in the wake of last week’s widespread Windows system outages, with CrowdStrike publishing a list of non-authorised domains to warn users.

Reporter
Tue, 23 Jul 2024

CrowdStrike has also warned of scammers posing as cyber security researchers who offer support to individuals and businesses while alleging that the widespread outages were the result of a cyber attack.

AUSCERT warned that scammers are hoping that the urgency of needing to get systems back up and running may inhibit critical thinking, increasing their chances of exploitation.

Users are being advised by AUSCERT to be vigilant, verify the authenticity of any communications they receive and only source information from official channels.

CrowdStrike has released a list of domains impersonating its brand, though not all are necessarily used to deliver malicious content. The detected domains are published in a CrowdStrike blog post.

The warnings come as CrowdStrike’s chief security officer and a former FBI agent, Shawn Henry, released a statement on the company’s Falcon update, accepting responsibility for the outages.

“On Friday, though, we failed. The past two days have been the most challenging 48 hours for me over 12+ years. The confidence we built in drips over the years was lost in buckets within hours, and it was a gut punch.

“But this pales in comparison to the pain we’ve caused our customers and our partners. We let down the very people we committed to protect, and to say we’re devastated is a huge understatement.

“I, and the entire company, take that personally. Thousands of our team members have been working 24/7 to get our customer systems fully restored. The days have been long and the nights have been short, and that will continue for the immediate future. But that is part of the promise we made to all of you when you put your trust and protection in our hands.”
