Malaysia
MyCERT warns of phishing attacks milking CrowdStrike chaos
Long lines form at check-in counters in Terminal 2 of Kuala Lumpur International Airport in Sepang July 19, 2024, after some services and facilities were affected by a global IT outage. — Picture by Choo Choo May

KUALA LUMPUR, July 20 — The Malaysia Computer Emergency Response Team (MyCERT) has issued a critical alert following reports of increased phishing attacks leveraging recent CrowdStrike incidents.

These attacks use fraudulent domains, command-and-control (C2) internet protocol (IP) addresses and malware binaries to compromise systems and steal sensitive information, said MyCERT on its website today.

Advertising
Advertising

It said the phishing domains mimic legitimate websites, deceiving users into unknowingly installing malware or disclosing personal credentials.

Meanwhile, attackers use C2 servers to maintain control over compromised devices and extract sensitive data.

Additionally, malicious software, delivered through websites or emails, exacerbates the threat landscape by executing harmful actions on infected devices, MyCERT noted.

The agency has provided 30 potential indicators of compromise (IoC), including their value, type, and additional information, available on its website.

"To safeguard your organisation against the recent surge in phishing attacks involving phishing domains, C2 IPs, and malware binaries, it is crucial to monitor and protect based on the provided IoCs.

"Generally, CyberSecurity Malaysia advises users to stay updated with the latest security announcements from vendors and follow best practice security policies to determine which updates should be applied,” it added.

For further information and assistance, MyCERT encourages the public to contact them through various communication channels, including email (cyber999@cybersecurity.my), phone (1-300-88-2999 during business hours, mobile: +60 19 2665850 for 24/7 call incident reporting), and social media platforms (Website: MyCERT; Twitter: MyCERT on Twitter; Facebook: MyCERT on Facebook).

Yesterday, media reported that a mass cyber outage affected key institutions such as airlines, banks, media outlets, and hospitals in several countries.

CrowdStrike Holdings Inc is an American cybersecurity technology company based in Austin, Texas. It provides penetration, workload, endpoint security, threat intelligence and cyberattack response services. — Bernama

Related Articles

 

You May Also Like