# Beware of Fake CrowdStrike Manuals: They Send Malware, Not Recovery!

We learned a few days ago that attackers were taking advantage of the CrowdStrike chaos, and users were warned to be cautious of the crowdstrike-hotfix.zip archive file, which is malware that targets customers who have had BSODs as a result of the CrowdStrike update.

There is now a further development: CrowdStrike revealed yesterday a new tactic in which attackers distribute a Word document that imitates Microsoft's recovery instructions for the CrowdStrike BSOD problem.

According to reports, this Word document contains macros that, when enabled, download the information stealer known as Daolpu. Here are the details of the malicious Word document.

New_Recovery_Tool_to_help_with_CrowdStrike_issue_impacting_Windows.docm

SHA256 hash:

803727ccdf441e49096f3fd48107a5fe55c56c080f46773cd649c9e55ec1be61

So, what should we do to defend ourselves against the kinds of malware attacks outlined above? Here is some advice from CrowdStrike.

  • Verify CrowdStrike Communications: Make sure you only contact CrowdStrike staff via official channels and follow their technical recommendations.
  • Check Website Certificates: Before downloading anything, check the website certificate to ensure it is from a trustworthy source.
  • Train Users: Companies should train their IT staff to avoid opening or executing files from suspicious sources.
  • Enable Browser Protections: Users should enable download protections and other security settings in their browsers.
  • Search for the Daolpu Indicator: If you find a file named “result.txt” in the Temporary folder (%TMP%), it means you have a Daolpu infection.
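The last check, combined with the file name and SHA256 hash listed above, can be scripted for triage. The following is an added example, not code from CrowdStrike or from this article; the folders it searches (Downloads, Documents, Desktop) and the function names are assumptions, and it should run as the affected user so that the temporary folder resolves to that user's %TMP%.

```python
import hashlib
import os
import tempfile
from pathlib import Path

# Indicators taken from this article.
DOCM_NAME = "New_Recovery_Tool_to_help_with_CrowdStrike_issue_impacting_Windows.docm"
DOCM_SHA256 = "803727ccdf441e49096f3fd48107a5fe55c56c080f46773cd649c9e55ec1be61"
MARKER_NAME = "result.txt"  # file the article says appears in %TMP%


def sha256_of(path, chunk_size=1 << 20):
    """Hash a file in chunks so large documents are not loaded into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def scan(search_roots, temp_dir=None, bad_hashes=(DOCM_SHA256,)):
    """Return a list of (kind, path) findings for the article's indicators."""
    findings = []
    temp_dir = Path(temp_dir or tempfile.gettempdir())
    marker = temp_dir / MARKER_NAME
    if marker.is_file():
        findings.append(("temp-marker", str(marker)))
    known = {h.lower() for h in bad_hashes}
    for root in search_roots:
        for dirpath, _dirs, files in os.walk(root, onerror=lambda e: None):
            for name in files:
                if not name.lower().endswith(".docm"):
                    continue
                path = Path(dirpath) / name
                if name.lower() == DOCM_NAME.lower():
                    findings.append(("lure-name", str(path)))
                try:
                    if sha256_of(path) in known:  # catches renamed copies
                        findings.append(("lure-hash", str(path)))
                except OSError:
                    findings.append(("unreadable", str(path)))
    return findings


if __name__ == "__main__":
    roots = [Path.home() / "Downloads", Path.home() / "Documents", Path.home() / "Desktop"]
    for kind, path in scan([r for r in roots if r.is_dir()]):
        print(f"{kind}\t{path}")
```

Because “result.txt” is a common file name, a `temp-marker` finding on its own is a lead to investigate alongside the other two indicators.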

As for the CrowdStrike outage itself, the recovery effort is still ongoing, with Microsoft estimating that at least 8.5 million PCs worldwide have been impacted.

Did the CrowdStrike update cause a BSOD at your office as well? Leave a comment below, guys.


About the Author: diabellstar
