As the world slowly recovers from a recent outage caused by CrowdStrike, a cybersecurity leader, malicious hackers are taking advantage of the chaos to carry out phishing attacks and other malicious activities, according to the U.S. cybersecurity agency CISA.
Although the CrowdStrike outage was not the result of a cyberattack, threat actors are leveraging the situation to send phishing emails and scams. CISA issued a warning to individuals to be cautious and avoid clicking on suspicious links or emails that could compromise their information.
Security experts have noted that cybercriminals are already using various domains to impersonate CrowdStrike in phishing emails. These emails falsely claim to offer solutions to the CrowdStrike outage in exchange for payment to a crypto wallet. In reality, the only effective fixes involve restarting affected computers or manually removing a defective file.
Social engineering expert Rachel Tobac has highlighted the risk of criminals using the outage as a cover to trick victims into revealing sensitive information. Tobac advised people to verify the identity of individuals before sharing any sensitive data.
The defective software update released by CrowdStrike caused numerous Windows computers to crash, affecting those running the company’s security software. While CrowdStrike has fixed the bug, the process of manually fixing each affected computer could lead to prolonged outages.
CISA reassured the public that they are collaborating with CrowdStrike, government agencies, critical infrastructure entities, and international partners to address the issue. The agency is working diligently to provide solutions and support for those impacted by the outage.
