← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
ACTIVIDAD MALICIOSA | Campaña relacionada con actividad de Squatting afectando a crowdstrike 19-07-2024
WHITE esoporteingenieria2020 2024-07-19 Modified: 2024-08-18
11
IOCs
MEDIUM VOLUME
As a result of the incident that affected CrowdStrike, cybercriminals began conducting impersonation campaigns, taking advantage of users who are inexperienced and/or unskilled in proper update procedures. This left an open gap for these cybercriminals to deceive them by accessing fake URLs or downloading supposed update software to carry out phishing actions and/or information theft.
windowscrowdstrikechannel filemicrosoftfalcon sensorwindirlocatedetachfalcon contentupdatereboot
Indicators of Compromise (11)
All URL domain
TYPEINDICATORDESCRIPTIONCREATED
URL https://crowdstrike-bsod.com 2024-07-19
URL https://crowdstriketoken.com/ 2024-07-19
URL https://fix-crowdstrike-bsod.com 2024-07-19
domain crowdstrike-bsod.com 2024-07-19
domain crowdstrike0day.com 2024-07-19
domain crowdstrikebluescreen.com 2024-07-19
domain crowdstrikedoomsday.com 2024-07-19
domain crowdstrikedown.site 2024-07-19
domain crowdstrikefix.com 2024-07-19
domain crowdstriketoken.com 2024-07-19
domain fix-crowdstrike-bsod.com 2024-07-19
References (3)
↗ https://www.virustotal.com/graph/embed/g6b3b048f25284af4957e04272a2433a0f3dd247735784cec96dfdb39402fcbce?theme=light ↗ https://www.virustotal.com/gui/collection/0d81f8902881a4bb6de3079b86ca533808c1279205b918dda67eb8016634af1d ↗ https://otx.alienvault.com/pulse/669ac67b7f3012e1bf066111