Image

Security Alert: Malicious Hotfixes

CrowdStrike's Falcon platform faced a major hiccup, pushing out an update that caused widespread Blue Screen of Death (BSoD) issues across Windows devices. The chaos didn't stop there cybercriminals quickly seized the opportunity to exploit the situation.

Malicious actors (Cybercriminals) are now targeting especially Latin American CrowdStrike customers with a fake hotfix, disguising their attack as a legitimate update. They're using a ZIP file named "crowdstrike-hotfix.zip" which contains a malware loader called Hijack Loader. This loader deploys the Remcos RAT payload, leading to further system compromises.

What's Happening?
  1. Attack Method: Fake hotfixes with malicious payloads.
  2. Target: Latin American CrowdStrike customers.
  3. Malware: Remcos RAT.

...

CrowdStrike and Microsoft are working to address the fallout, with Microsoft revealing that around 8.5 million Windows devices were affected globally less than 1% of all Windows machines. This incident underscores the critical need for robust security measures and vigilance.

If you're affected, ensure you're engaging with CrowdStrike through official channels and follow their guidance. For those interested, CrowdStrike has launched a Remediation and Guidance Hub, and Microsoft has released a recovery tool to help impacted IT admins.

Stay informed and stay secure!...

Read more

Copyright Wissen Baum, All Right Reserved.