Global Outage - Threat Actor Activity and Risk Mitigation Strategies

July 22, 2024, 4:43 p.m.

Description

On July 19th, 2024, a faulty update from CrowdStrike caused kernel instability and Blue Screen of Death (BSOD) loops on millions of Windows devices worldwide, leading to major disruptions across industries. While affected parties work on remediation, threat actors are exploiting the situation through phishing, malicious domains, and fake 'hotfixes'. SentinelOne's Live Security Updates operate in isolated user-mode space, avoiding kernel impacts, and undergo rigorous testing before release, mitigating such risks.

Date

  • Created: July 22, 2024, 4:37 p.m.
  • Published: July 22, 2024, 4:37 p.m.
  • Modified: July 22, 2024, 4:43 p.m.

Indicators

Attack Patterns