Likely eCrime Actor Capitalizing on Falcon Sensor Issues

Description

A cybercrime group has leveraged a content update issue with the CrowdStrike Falcon sensor to distribute malicious files targeting Latin American customers. The campaign involves a ZIP archive named 'crowdstrike-hotfix.zip' containing a HijackLoader payload that loads RemCos malware, using Spanish filenames and instructions, indicating it specifically aims at CrowdStrike clients in that region.