Cybercrooks spell trouble with typosquatting domains amid CrowdStrike crisis

2024-07-23 15:15

Thousands of typosquatting domains are now registered to exploit the desperation of IT admins still struggling to recover from last week's CrowdStrike outage, researchers say.

The incident wasn't isolated and CrowdStrike was forced to issue a public memo on the same day warning against opportunistic cybercriminals exploiting the situation.

"CrowdStrike Intelligence recommends that organizations ensure they are communicating with CrowdStrike representatives through official channels and adhere to technical guidance the CrowdStrike support teams have provided," it said.

Some CrowdStrike customers are still in the process of recovering their machines from BSOD errors days after the botched Falcon update.

CrowdStrike has regularly updated its dedicated remediation page for the incident since Friday, with a number of methods now available to customers, and it's the first port of call for anyone still struggling to recover.

According to some admins who have reported their experience of dealing with CrowdStrike directly in the last few hours, the vendor is encouraging customers to opt into an initiative that allows CrowdStrike itself to remediate affected endpoints from the cloud.

News URL

https://go.theregister.com/feed/www.theregister.com/2024/07/23/typosquatting_crowdstrike_crisis/

#crisis #crowdstrike #cybercrooks