Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware
The Hacker News
Contributed by: Drex DeFord
Summary
CrowdStrike, reeling from a flawed update that caused IT disruptions worldwide, has warned that threat actors are exploiting the chaos to distribute Remcos RAT malware to its customers in Latin America. Attackers are using a ZIP file named “crowdstrike-hotfix.zip,” which contains a malware loader that installs the Remcos RAT. The archive includes instructions in Spanish, suggesting the campaign targets Latin American users. Malicious actors have also set up fake CrowdStrike domains, offering services for cryptocurrency payments. CrowdStrike advises customers to verify communications with official representatives and follow provided technical guidance.