Windows users need to be careful as cybercriminals are spreading fake CrowdStrike debugging tools.
According to Neowin, on the morning of July 19, a bug update from Microsoft's partner cybersecurity company CrowdStrike caused serious problems for millions of Windows computers worldwide. This error caused computers to continuously reboot and display a "blue screen of death", affecting the operations of many large organizations such as banks, airlines and media companies.
Cybercriminals exploit CrowdStrike incident to spread malicious tools.
Cybercriminals exploit CrowdStrike incident to spread malicious tools.
The situation became even more serious when cybercriminals quickly took advantage of this chaos to spread a malicious file named "crowdstrike-hotfix.zip". This file contains HijackLoader malware, capable of stealing information and causing serious damage to the system.
Beyond spreading malware, cybercriminals also use sophisticated phishing campaigns. They impersonate CrowdStrike support staff, send phishing emails, and even call customers directly to scam and offer fake solutions.
According to statistics, there have been many domain names created to serve these malicious attack campaigns, including:
- crowdstrike.phpartners.org
- crowdstrike0day.com
CrowdStrike and Microsoft have been quick to release troubleshooting tools and advise customers to only contact CrowdStrike's official support channels. However, the situation is still evolving and cybersecurity experts are warning users to be extremely vigilant.
Widely used software in the office creates an ideal environment for cybercriminals to hide.
According to the latest report from Kaspersky, more and more small and medium-sized businesses are becoming targets of cybercriminals. The most common form of attack continues to be Trojans, which, although they do not have the ability to self-replicate like viruses, can imitate legitimate software. In addition, their ability to adapt and evade cybersecurity tools makes them a popular tool for cybercriminals.
Microsoft Excel, Word and PowerPoint are the most targeted by hackers, respectively.
Microsoft Excel, Word and PowerPoint are the most targeted by hackers, respectively.
During the period January - April 2024, Kaspersky recorded a total of 100,465 trojan attacks, equivalent to a 7% increase compared to the same period in 2023. Of which, Microsoft Excel continued to be the most attacked software in 2024. It was followed by Microsoft Word, and the third most targeted software by criminals were Microsoft PowerPoint and Salesforce.
See more beautiful photo albums Here >>>
To find out the results of the research on threats in businesses, Kaspersky cross-referenced applications such as Microsoft Office, Microsoft Teams, Skype and many other programs used in the business workspace based on the telemetry of Kaspersky Security Network (KSN).
In addition, phishing continues to be a threat to businesses, causing serious consequences for businesses. Once logging into fake services, victims will unintentionally reveal their username and password to cybercriminals or help hackers activate pre-set cyber attacks on the system.
“Humans continues to be a significant vulnerability for businesses, partly due to low cybersecurity awareness. Furthermore, the widespread use of Microsoft Excel in offices creates an ideal environment for cybercriminals to hide and modify malicious data in large datasets, which are then widely disseminated throughout the organization,” said Vasily Kolesnikov, cybersecurity expert at Kaspersky.