A phishing campaign misused CrowdStrike's recruitment brand to distribute a fraudulent 'employee CRM application' which, when downloaded and executed, installs the XMRig cryptominer. Attackers lured job seekers with fake junior developer positions and directed them to a deceptive site, where the malware was offered for download under the guise of software required for a recruitment call. The Windows executable, written in Rust, used evasion tactics to circumvent security analysis and initiated mining activity once the deception succeeded. The campaign both abused CrowdStrike's brand to distribute malware and targeted individuals seeking employment.
TPRM report: https://scoringcyber.rankiteo.com/company/crowdstrike
"id": "cro000011425",
"linkid": "crowdstrike",
"type": "Cyber Attack",
"date": "1/2025",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"
{'affected_entities': [{'industry': 'Cybersecurity',
'name': 'CrowdStrike',
'type': 'Company'}],
'attack_vector': 'Fake job postings and malicious downloads',
'description': 'CrowdStrike experienced a phishing campaign misusing its '
"recruitment brand to distribute a fraudulent 'employee CRM "
"application' which, when downloaded and executed, installs "
'the XMRig cryptominer. Attackers lured job seekers with fake '
'junior developer positions, directing them to a deceptive '
'site where they could download the malware under the guise of '
'necessary software for a recruitment call. The Rust-written '
'Windows executable had evasion tactics to circumvent security '
'analysis and would initiate mining activities upon successful '
"deceit. This campaign not only abused CrowdStrike's brand for "
'distributing malware but also targeted individuals seeking '
'employment.',
'impact': {'brand_reputation_impact': ["CrowdStrike's brand abuse"],
'systems_affected': ["Job seekers' systems"]},
'initial_access_broker': {'entry_point': 'Fake job postings'},
'motivation': 'Cryptomining',
'title': 'Phishing Campaign Targeting Job Seekers',
'type': 'Phishing'}