Hackers are already targeting users with fake CrowdStrike fixes — here's what we've seen so far

(Image credit: Shutterstock / rafapress)

Companies suffering from the CrowdStrike patching fiasco should be careful with their emails , as cybercriminals are taking advantage of the situation to push malware, experts have warned.

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning concerning an ongoing phishing campaign, telling users to “avoid clicking on phishing emails or suspicious links.”

CISA says it has already observed multiple campaigns in which crooks either impersonated CrowdStrike, or presented themselves as IT pros capable of quickly fixing the problem. In at least one of such emails, the fraudsters asked for money in cryptocurrencies, in exchange for a fix.

Phishing attacks

A seperate warning from AnyRun highlighted a malware campaign targeting BBVA bank customers offering a fake CrowdStrike Hotfix update that actually installs the Remcos remote access tool (RAT).

Many organizations around the world were forced to pause their operations, either partly, or entirely, due to a faulty CrowdStrike patch that bricked their Windows PCs.

Banks, airlines, TV broadcasters, and many other organizations all over the world faced the dreaded Blue Screen of Death, and started scrambling for a solution.

Apparently, the best way to fix the issue is either to delete the faulty file via Safe Mode, or to keep the Windows device running long enough for the fix for the patch to download and install.

In the meantime, cybercriminals jumped at the opportunity to use this global event for personal gain.

One thing that’s in common for virtually all phishing emails is that they carry a sense of urgency with them, and in that regard - events such as this one are ideal. In the past, security researchers have observed hackers abusing sports events such as the Olympic Games, FIFA World Cup, Super Bowl, and others, to trick people into downloading malware, by promising affordable tickets for the events, if they hurry and buy them.

Via BleepingComputer

More from TechRadar Pro

Windows Blue Screen of Death crisis: what we know so far
Here's a list of the best malware removal tools around today
These are the best endpoint security tools right now

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.