* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Sunday, June 1, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    Jackie Chan Reveals This Family Member ‘Never Watched’ The Whole Of Any Of His Movies – Yahoo

    Jackie Chan Reveals This Family Member ‘Never Watched’ The Whole Of Any Of His Movies – Yahoo

    Mavs CEO holds firm on new arena, entertainment district in Dallas – Dallas News

    Mavs CEO Stands Strong on Vision for New Arena and Entertainment District in Dallas

    Entertainment: On Your Marks, Get Set, Beer Run! – Urban Milwaukee

    Get Ready to Race: The Ultimate Beer Run Experience Awaits!

    Rachel Guttman Launches Entertainment Law Firm Gutt Law, PLLC [Exclusive] – MusicRow.com

    Rachel Guttman Unveils Exciting New Entertainment Law Firm: Gutt Law, PLLC!

    HYBE Cashes In: Offloads Final Stake in K-Pop Rival SM Entertainment for $177 Million!

    Allied Gaming & Entertainment Receives Expected Nasdaq Notice Regarding Delayed Quarterly Report – Business Wire

    Allied Gaming & Entertainment Faces Nasdaq Notice Over Delayed Quarterly Report

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Lafayette Regional Technology Council – Tech Leadership That’s Homegrown and Future-Focused – Discover Lafayette

    Lafayette Regional Technology Council – Tech Leadership That’s Homegrown and Future-Focused – Discover Lafayette

    Drone technology demo in Cambria County showcases future of lifesaving medical deliveries – local21news.com

    Revolutionizing Healthcare: Drone Technology Takes Flight for Lifesaving Medical Deliveries in Cambria County

    Revolutionary Harvesting Technology Promises to Slash CAR-T Manufacturing Costs!

    Stop the Machines: The Rise of Anti-Technology Extremism – International Centre for Counter-Terrorism – ICCT

    Unplugged: The Surge of Anti-Technology Extremism

    Finland to head EU’s quantum defense technology project – Latest news from Azerbaijan

    Finland Takes the Lead in Pioneering EU’s Quantum Defense Technology Initiative!

    i3D Robotics Unveils Breakthrough Glass Defect Detection Technology – USGlass Magazine

    Revolutionary Glass Defect Detection Technology Unveiled by i3D Robotics!

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    Jackie Chan Reveals This Family Member ‘Never Watched’ The Whole Of Any Of His Movies – Yahoo

    Jackie Chan Reveals This Family Member ‘Never Watched’ The Whole Of Any Of His Movies – Yahoo

    Mavs CEO holds firm on new arena, entertainment district in Dallas – Dallas News

    Mavs CEO Stands Strong on Vision for New Arena and Entertainment District in Dallas

    Entertainment: On Your Marks, Get Set, Beer Run! – Urban Milwaukee

    Get Ready to Race: The Ultimate Beer Run Experience Awaits!

    Rachel Guttman Launches Entertainment Law Firm Gutt Law, PLLC [Exclusive] – MusicRow.com

    Rachel Guttman Unveils Exciting New Entertainment Law Firm: Gutt Law, PLLC!

    HYBE Cashes In: Offloads Final Stake in K-Pop Rival SM Entertainment for $177 Million!

    Allied Gaming & Entertainment Receives Expected Nasdaq Notice Regarding Delayed Quarterly Report – Business Wire

    Allied Gaming & Entertainment Faces Nasdaq Notice Over Delayed Quarterly Report

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Lafayette Regional Technology Council – Tech Leadership That’s Homegrown and Future-Focused – Discover Lafayette

    Lafayette Regional Technology Council – Tech Leadership That’s Homegrown and Future-Focused – Discover Lafayette

    Drone technology demo in Cambria County showcases future of lifesaving medical deliveries – local21news.com

    Revolutionizing Healthcare: Drone Technology Takes Flight for Lifesaving Medical Deliveries in Cambria County

    Revolutionary Harvesting Technology Promises to Slash CAR-T Manufacturing Costs!

    Stop the Machines: The Rise of Anti-Technology Extremism – International Centre for Counter-Terrorism – ICCT

    Unplugged: The Surge of Anti-Technology Extremism

    Finland to head EU’s quantum defense technology project – Latest news from Azerbaijan

    Finland Takes the Lead in Pioneering EU’s Quantum Defense Technology Initiative!

    i3D Robotics Unveils Breakthrough Glass Defect Detection Technology – USGlass Magazine

    Revolutionary Glass Defect Detection Technology Unveiled by i3D Robotics!

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

Scam CrowdStrike domains growing in volume

July 30, 2024
in Technology
Scam CrowdStrike domains growing in volume
Share on FacebookShare on Twitter

Hundreds of malicious domains exploiting CrowdStrike’s branding are appearing all over the web in the wake of the 19 July outage. Experts from Akamai share some noteworthy examples, along with guidance on how to avoid getting caught out


Alex Scroxton

By

Alex Scroxton,
Security Editor

Published: 29 Jul 2024 15:18

As global efforts to recover and learn from the Friday 19 July CrowdStrike incident continue, cyber criminals and scammers are predictably lurking on the fringes of the discourse, picking off unsuspecting victims, supported by over newly created malicious domains associated with CrowdStrike’s branding.

This is according to web security specialist Akamai, which said its researchers have identified more than 180 such domains – the true number is likely higher – including one that was ranked in the top 200,000 sites for associated keywords.

The top sectors targeted by these websites appear to be charities and non-profit organisations, and education providers, both of which are highly targeted by malicious actors ordinarily as they are comparatively less likely to have implemented, or to be able to afford in many instances, appropriate cyber security training or defensive measures.

Writing on the firm’s website, Akamai’s Tricia Howard said that as was often the case with newsworthy events, threat actors had immediately attempted to exploit the situation, and the extent and impact of the CrowdStrike incident, which caused millions of Windows devices to turn blue, and prompted disconcerted users – many of them without a background in IT or security – to hunt for answers wherever they could find them, putting them at great risk of social engineering.

Akamai’s teams analysed reams of data drawn from its global edge network to identify the top malicious domains used for CrowdStrike incident scams and other exploits – including the distribution of wiper and infostealing malware, and remote access Trojans (RATs).

The most widely used domains all leveraged CrowdStrike’s branding to some degree, and many purported to offer either information or solutions to the incident. These included domains such as crowdstrike-bsod.com, crowdstrikefix.com, crowdstrike-helpdesk.com, microsoftcrowdstrike.com and crowdstrikeupdate.com.

One domain observed even appeared to exploit the WhatIs family of websites owned and operated by Computer Weekly’s parent TechTarget, using whatiscrowdstrike.com.

According to Howard, the majority of the domains Akamai uncovered carry the .com top level domain (TLD), lending them a subtle authority, and deployed common keywords such as helpdesk or update that are likely being frequently used by people seeking information. In such a way, their backers are able to feign legitimacy by pretending to offer, for example, technical or legal support.

“If you are affected by the outage and are looking for information, we recommend that you consult credible sources such as CrowdStrike or Microsoft. Although other outlets may seem to have more up-to-date information, it may not be accurate – or worse, the site may have a malignant purpose,” wrote Howard.

“It is likely we will see more phishing attempts associated with this issue beyond the time when every device is remediated. A simple scroll through social media can provide an attacker with a sense of which brands generate the most heightened emotions and which are ripe to impersonate for malevolent gain.

“This is an attacker’s job, and it’s important to remember that. Malicious campaign operations function just as we do in legitimate corporations: the victims are their ‘customers,’ and the varied tactics presented in this post show how ‘plugged in’ to their customers they are. They know how to effectively diversify their portfolio to ensure they end up with money in the bank,” she said.

Resilient and convincing infrastructure

To reinforce the point, and to demonstrate how hard it can be for individuals to pick out dodgy websites amid the noise of a standard web search, Howard explained that such phishing campaigns often demonstrate remarkably resilient infrastructure, orchestrated by “professionals” with skills that in some cases rival those found in an enterprise.

Many of the scam sites will also include fairly standard measures that people will be well-used to seeing on secure domains, such as SSL validation. Others may even redirect at some point to the actual CrowdStrike website.

The most sophisticated campaigns will even have failover and obfuscation mechanisms built in, and their backers can quickly change their appearance.

Additionally, the Akamai team believes that least one of the observed domains seen exploiting CrowdStrike appears to be part of a large phishing network. This site, tracked as crowdstrikeclaim.com, stood out to the researchers for its exploitation not just of CrowdStrike, but of a genuine New York law firm that has been involved in real-life class action lawsuits.

The domain contained an embedded Facebook ID known to be malicious, which at one time linked to covid19-business-help.qualified-case.com, a malicious site taking advantage of US government aid programmes during the pandemic. That website in turn contains another embedded Facebook ID linking to as many as 40 other malicious sites.

Mitigating the phish

For ordinary individuals who may find themselves on a CrowdStrike-linked page, Akamai’s advice is to check for a number of indicators of ill intent. This can include looking for the certificate and domain issuer when accessing over HTTPS; avoiding any domains that request sensitive information, such as credit card details; and ignore and delete any emails that claim to offer help. The most effective solution, however, remains to only follow advice and remediation steps from CrowdStrike itself.

Security pros and IT admins can also take additional steps, including to block known and related indicators of compromise (IoCs) – Akamai’s list is available now on GitHub – and to perform a lateral movement gap analysis, or adversary emulation.

Howard noted that financially motivated cyber criminals will look for any opportunity to drop ransomware, and although the CrowdStrike incident is not linked to a zero-day vulnerability, she pointed out that there are still potential ways in for an attacker who now knows what technology, i.e. CrowdStrike, their potential victim is using in its cyber stack.

“This could become relevant in the event that a future CVE is discovered within the Falcon product. Attackers are only getting more sophisticated, and each additional piece of the tech stack puzzle they have makes that puzzle easier to solve,” she warned.

Read more on Hackers and cybercrime prevention


CrowdStrike outage underscores software testing dilemmas

BethPariseau

By: Beth Pariseau


CrowdStrike: 97% of Windows sensors back online after outage

AlexanderCulafi

By: Alexander Culafi


CrowdStrike outage explained: What caused it and what’s next

SeanKerner

By: Sean Kerner


CrowdStrike disaster exposes a hard truth about IT

PatrickThibodeau

By: Patrick Thibodeau

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : Computer Weekly – https://www.computerweekly.com/news/366599253/Scam-CrowdStrike-domains-growing-in-volume

Tags: CrowdStrikeDomainstechnology
Previous Post

CrowdStrike says most Falcon sensors now up and running

Next Post

UK government sets up AI action plan unit

Upgrades coming to ecological park in Sunbury – WNEP

Upgrades coming to ecological park in Sunbury – WNEP

June 1, 2025
This will ‘devastate scientific research’: 16 states sue the Trump administration over National Science Foundation directive – CNN

This will ‘devastate scientific research’: 16 states sue the Trump administration over National Science Foundation directive – CNN

June 1, 2025
Trump’s new ‘gold standard’ rule will destroy American science as we know it | Colette Delawalla – The Guardian

Trump’s Controversial ‘Gold Standard’ Rule: A Threat to the Future of American Science

June 1, 2025
The month of pride – financialexpress.com

Celebrating Pride: A Month of Love, Acceptance, and Empowerment

June 1, 2025
Elon Musk: Five ways world’s richest man changed the White House – BBC

Elon Musk’s Impact: Five Transformative Ways the World’s Richest Man Influenced the White House

June 1, 2025
Last Week at Economy Class and Beyond (31st May) – Economy Class & Beyond –

Last Week at Economy Class and Beyond (31st May) – Economy Class & Beyond –

June 1, 2025
Jackie Chan Reveals This Family Member ‘Never Watched’ The Whole Of Any Of His Movies – Yahoo

Jackie Chan Reveals This Family Member ‘Never Watched’ The Whole Of Any Of His Movies – Yahoo

June 1, 2025
Governor Newsom proclaims Mental Health Awareness Month – Governor of California (.gov)

Governor Newsom Declares May as Mental Health Awareness Month!

June 1, 2025
Sanders says Harris fell short with working class. He has a plan to fix that. – The Washington Post

Sanders says Harris fell short with working class. He has a plan to fix that. – The Washington Post

June 1, 2025
Lafayette Regional Technology Council – Tech Leadership That’s Homegrown and Future-Focused – Discover Lafayette

Lafayette Regional Technology Council – Tech Leadership That’s Homegrown and Future-Focused – Discover Lafayette

June 1, 2025

Categories

Archives

June 2025
MTWTFSS
 1
2345678
9101112131415
16171819202122
23242526272829
30 
« May    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (655)
  • Economy (670)
  • Entertainment (21,576)
  • General (15,254)
  • Health (9,712)
  • Lifestyle (672)
  • News (22,149)
  • People (671)
  • Politics (678)
  • Science (15,891)
  • Sports (21,174)
  • Technology (15,657)
  • World (658)

Recent News

Upgrades coming to ecological park in Sunbury – WNEP

Upgrades coming to ecological park in Sunbury – WNEP

June 1, 2025
This will ‘devastate scientific research’: 16 states sue the Trump administration over National Science Foundation directive – CNN

This will ‘devastate scientific research’: 16 states sue the Trump administration over National Science Foundation directive – CNN

June 1, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version