July 21, 2024 at 03:34PM
Cybercriminals are using CrowdStrike’s glitchy update to target companies with data wipers and remote access tools. CrowdStrike is actively assisting affected customers, urging them to verify official communications. Phishing emails exploiting the situation have been observed by researchers and government agencies. Malicious actors are distributing malware disguised as CrowdStrike updates, leading to significant business disruption.
Based on the meeting notes, here are the key takeaways:
1. CrowdStrike’s glitchy update on Friday has led to a significant business disruption, with threat actors exploiting the situation to target companies with data wipers and remote access tools.
2. The company urges customers to verify communication with legitimate representatives through official channels, as phishing emails targeting the situation are on the rise.
3. Malicious actors have been distributing malware cloaked as fixes and updates from CrowdStrike. This includes the delivery of the Remcos remote access tool and a data wiper under the pretense of delivering an update from CrowdStrike.
4. The faulty update affected 8.5 million Windows devices, leading to massive business and operational disruptions across various industries.
5. CrowdStrike has identified the cause of the outage and is providing instructions for affected companies to recover individual hosts, BitLocker Keys, and cloud-based environments.
Overall, it’s crucial for businesses to remain vigilant and follow CrowdStrike’s official communication channels to minimize the impact of the recent software update issue.