
Windows crash : Tech


Cybercriminals are already exploiting the confusion caused by the CrowdStrike disruption.

Cybercriminals are taking advantage of the turmoil caused by the extensive global tech failure on Friday by spreading counterfeit websites loaded with harmful software aimed at tricking innocent users, as reported by the US government and numerous cybersecurity experts.

Cyber attackers are creating fake websites that look like they offer help or information on the global IT breakdown, but in actuality, they are intended to collect personal data from visitors or to attack their devices, the security analysts mentioned.

These deceitful websites use domain names that include terms like CrowdStrike — the cybersecurity company responsible for a defective software update that triggered the issue — or “blue screen,” which is the screen that appears on computers affected by the CrowdStrike issue when they start up.
Scam sites might attempt to attract victims by promising an immediate solution to the CrowdStrike problem or trick them with offers of counterfeit digital money.
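
The naming pattern described above can be turned into a quick triage of hostnames seen in DNS or proxy logs. This is an added example, not part of the original article; the allowlist and every sample hostname (all under the reserved `.example` TLD) are constructed assumptions.

```python
import re

# Terms the article says appear in the scam domain names.
LURE_TERMS = ("crowdstrike", "bluescreen")
# Assumed allowlist of genuine domains; extend it with your own vendors.
OFFICIAL_DOMAINS = ("crowdstrike.com",)

# Constructed sample hostnames, standing in for a DNS or proxy log extract.
SAMPLE_HOSTS = [
    "www.crowdstrike.com",                  # genuine subdomain
    "crowdstrike.com.fix-now.example",      # genuine name used only as a prefix
    "blue-screen-repair.example",           # lure term split by hyphens
    "CrowdStrike-BlueScreen-Fix.example.",  # mixed case, trailing dot
    "intranet.example",                     # unrelated
]

def is_official(host):
    """True only for an allowlisted domain or a subdomain of one.

    The match is anchored on a label boundary (the leading dot), so a name
    that merely ends in the same characters is not treated as genuine.
    """
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)

def lure_terms_in(host):
    """Return the lure terms present once dots, hyphens and case are removed."""
    squashed = re.sub(r"[^a-z0-9]", "", host.lower())
    return [term for term in LURE_TERMS if term in squashed]

def triage(hosts):
    """Map each non-official host to the lure terms it contains."""
    findings = {}
    for host in hosts:
        terms = lure_terms_in(host)
        if terms and not is_official(host):
            findings[host] = terms
    return findings

if __name__ == "__main__":
    for host, terms in triage(SAMPLE_HOSTS).items():
        print(f"REVIEW {host} (terms: {', '.join(terms)})")
```

A hit is a lead for review, not a verdict: a news article or a partner's status page can legitimately carry these terms in its hostname.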

In a report about the outage, the Department of Homeland Security mentioned that it has observed "cybercriminals exploiting this situation for phishing and other harmful activities."

"Stay alert and only heed advice from genuine sources," the report from the Department's Cybersecurity and Infrastructure Security Agency advises. CrowdStrike has provided its own advice on how affected groups can respond to the issue.

This situation highlights how a sudden, significant news event has led to additional dangers for millions of individuals as cybercriminals try to profit from the CrowdStrike incident and as numerous organizations rush to recover from the faulty update from CrowdStrike.

"It's a common occurrence following such incidents," noted Kenn White, a security expert focusing on network security, in an interview with CNN. "Criminals are relentless in their efforts to exploit the weakest points."

During the outage on Friday, CrowdStrike issued a warning about hackers attempting to take advantage of the situation by using it as bait. In a blog post, CrowdStrike mentioned that cybercriminals are not only setting up fake websites but also pretending to be CrowdStrike employees in scam emails and phone calls, and even selling fake software that claims to fix the issue.

One example of this targets customers who speak Spanish, the company stated in another blog post. The attack is disguised under a file named crowdstrike-hotfix.zip. Upon opening the file, it installs harmful software that sends information back to the hackers' server, which they might use to give further instructions to the malware.

Cybercriminals often exploit significant news events to direct traffic towards their activities. For instance, following the extensive Equifax data breach in 2017, security firms reported an increase in cybercriminals launching hundreds of thousands of phishing emails that mimicked bank communications. These emails targeted individuals who were already worried due to the Equifax incident, making them more susceptible to opening emails from their financial institutions, as experts noted at the time.

Such scams, which rely on specific events, are occurring during a wider surge in impersonation tactics.

Lately, the Federal Trade Commission has highlighted a rise in scams where hackers impersonate government officials or agencies, including the Internal Revenue Service or the Social Security Administration. During the Covid-19 crisis, inventive hackers even impersonated FTC Chair Lina Khan and circulated fake emails claiming the agency was distributing pandemic relief funds, leading the FTC to caution the public against responding to these messages.

The FTC has reported that Americans have collectively lost hundreds of millions of dollars due to these impersonation scams.

In scenarios like the CrowdStrike outage, where individuals are in a hurry to seek information and solutions, phishing can deceive those with good intentions, leading them to make poor decisions that exacerbate the situation.

The risks associated with phishing also extend to other consequences. Some organizations might choose to temporarily weaken or even shut down their cybersecurity measures in an effort to resume normal operations.

"As customers begin to recover, they are likely to reduce or alter their CrowdStrike security measures," Azim Khodjibaev, a cybersecurity researcher at Cisco Talos, the cybersecurity division of Cisco, a networking company, mentioned in a post on X. "This will leave many vulnerable!"

Should businesses fall victim to phishing attacks that compromise critical data or systems, it could have broader implications for their corporate clients and customers, Brett Callow, the managing director of the cybersecurity practice at FTI Consulting, the cybersecurity consulting firm, warned.

"Cybercriminals often exploit current events to their advantage, so it's not unusual to see them attempting to do so with this one," Callow said. "And this is precisely why customers of companies that have experienced significant incidents need to be prepared."
