© 2022 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Threat actors impersonate Crowdstrike to extort data and deploy ransomware

Hackers use a callback phishing campaign to impersonate cybersecurity companies to gain access to corporate networks.

Crowdstrike cybersecurity company released a statement claiming that hackers used their name to lure victims. Customers receive an impersonating email from Crowdstrike, which claims that their company has been breached, and are asked to call the given phone number.


“In a new callback phishing campaign, the hackers are impersonating CrowdStrike to warn recipients that malicious network intruders have compromised their workstations and that an in-depth security audit is required,” Crowdstrike said in a recent blog post.

The email explains in detail why a security audit is needed and how the agreement between the customer and the company obligates them to perform it. If the email recipient calls the given phone number, threat actors can direct them to a malicious website.

It is speculated that the attackers may be using remote access tools (RATs) for initial entry and penetration testing tools for lateral movement. They will likely extort data and deploy ransomware.

Crowdstrike cannot verify the variant, but attackers will supposedly attempt to monetize the operation.

The researchers at Crowdstrike found a similar campaign in March 2022. Hackers would install AteraRMM, which is RAT software, to gain initial network access and deploy malware.

Additionally, there are also similarities with the 2021 BazarCall campaign used by the Conti ransomware gang, which also used social engineering. However, just months after their data was exposed, the group shut down its operations.

Regardless of past threats, Crowstrike noted: “This is the first identified callback campaign impersonating cybersecurity entities and has higher potential success given the urgent nature of cyber breaches.”

More from Cybernews:

UK police arrest three people by using facial recognition in central London

Ex-CIA hacker convicted of WikiLeaks data crime

Over 1.9m people impacted in one of this year’s biggest medical data breaches

Amazon’s Ring shared data with US police without user permission 11 times this year

Conman used phishing techniques to defraud insurers out of millions

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are marked