Hackers Exploit CrowdStrike Outage Chaos with Malicious Websites
Cybercriminals are capitalizing on the recent global tech outage caused by CrowdStrike’s faulty software update by launching fake websites loaded with malicious software, targeting those seeking solutions to the crisis. The U.S. government and cybersecurity professionals have issued warnings about these deceptive sites designed to steal information or compromise devices.
These fraudulent websites use domain names that include keywords like “CrowdStrike” or “blue screen,” the latter referring to the error display caused by the glitch. The fake sites lure victims by promising quick fixes or offering fake cryptocurrency deals. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has reported an increase in phishing and other malicious activities linked to this incident, advising people to seek information only from legitimate sources.
CrowdStrike itself has alerted users about hackers exploiting the situation by creating fake websites and impersonating its employees through scam emails and phone calls. The company has noted attacks specifically targeting Spanish-speaking customers with files named to mislead, such as “crowdstrike-hotfix.zip,” which install malware when opened.
Currently, there is no automated fix for the CrowdStrike software glitch, making recovery a long and potentially costly process. CrowdStrike has urged affected organizations to communicate only through official channels and follow the technical guidance provided by their support teams.
This situation underscores a common pattern where hackers use high-profile news events to their advantage. For example, after the 2017 Equifax data breach, cybercriminals sent phishing emails impersonating banks, preying on worried victims. Similar scams have risen during events like the Covid-19 pandemic, with hackers pretending to be government officials or agencies.
In the wake of the CrowdStrike outage, there is heightened risk as some organizations might disable or weaken their cybersecurity defenses while attempting to restore operations. This vulnerability could lead to further compromises, affecting corporate clients and consumers alike.
“Bad actors routinely try to take advantage of current events, so it’s not all surprising to see them attempting to take advantage of this one,” said Brett Callow, managing director of the cybersecurity practice at FTI Consulting. “Customers of companies that have experienced high-profile incidents need to be ready for such attacks.”