Cyber Attack cyber

CrowdStrike

Jan 14, 2025 1 min read
CrowdStrike

CrowdStrike experienced a phishing campaign misusing its recruitment brand to distribute a fraudulent 'employee CRM application' which, when downloaded and executed, installs the XMRig cryptominer. Attackers lured job seekers with fake junior developer positions, directing them to a deceptive site where they could download the malware under the guise of necessary software for a recruitment call. The Rust-written Windows executable had evasion tactics to circumvent security analysis and would initiate mining activities upon successful deceit. This campaign not only abused CrowdStrike's brand for distributing malware but also targeted individuals seeking employment.

Source: https://securityaffairs.com/172900/cyber-crime/crowdstrike-phishing-campaign-recruitment-branding.html

"id": "cro000011425",
"linkid": "crowdstrike",
"type": "Cyber Attack",
"date": "1/2025",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"
Published by
Jeremy C
Jeremy C
You might also like
Cyber Attack cyber

WIRED

public 1 min read
During the 2024 Democratic National Convention in Chicago, WIRED uncovered potential unauthorized use of a cell-site simulator capable of intercepting…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.