Hackers are already targeting users with fake CrowdStrike fixes — here’s what we’ve seen so far

Don’t fall for phishing attempts, CISA warns

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Companies suffering from the CrowdStrike patching fiasco should be careful with their emails , as cybercriminals are taking advantage of the situation to pushmalware, experts have warned.

The US Cybersecurity and Infrastructure Security Agency (CISA) hasissued a warningconcerning an ongoing phishing campaign, telling users to “avoid clicking on phishing emails or suspicious links.”

CISA says it has already observed multiple campaigns in which crooks either impersonated CrowdStrike, or presented themselves as IT pros capable of quickly fixing the problem. In at least one of such emails, the fraudsters asked for money in cryptocurrencies, in exchange for a fix.

Phishing attacks

Phishing attacks

A seperatewarningfrom AnyRun highlighted a malware campaign targeting BBVA bank customers offering a fake CrowdStrike Hotfix update that actually installs the Remcos remote access tool (RAT).

Many organizations around the world were forced to pause their operations, either partly, or entirely, due to afaulty CrowdStrike patchthat bricked their Windows PCs.

Banks, airlines, TV broadcasters, and many other organizations all over the world faced the dreaded Blue Screen of Death, and started scrambling for a solution.

Apparently, the best way to fix the issue is either to delete the faulty file via Safe Mode, or to keep the Windows device running long enough for the fix for the patch to download and install.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

In the meantime, cybercriminals jumped at the opportunity to use this global event for personal gain.

One thing that’s in common for virtually all phishing emails is that they carry a sense of urgency with them, and in that regard - events such as this one are ideal. In the past, security researchers have observed hackers abusing sports events such as the Olympic Games, FIFA World Cup, Super Bowl, and others, to trick people into downloading malware, by promising affordable tickets for the events, if they hurry and buy them.

ViaBleepingComputer

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Washington state court systems taken offline following cyberattack

Is it still worth using Proton VPN Free?

MacBook Air OLED reportedly delayed until at least 2028 – here’s why