“We know that adversaries and bad actors will try to exploit events like this,” he said in a blog post, external.
“Our blog and technical support will continue to be the official channels for the latest updates.”
His words were echoed by cybersecurity expert Troy Hunt, who runs the well-known Have I Been Pwned security website.
“An incident like this that has commanded so many headlines and has people worried is a gift to scammers,” he said.
Mr Hunt was responding to a warning from the Australian Signals Directorate (known as the ASD, the equivalent of the UK’s GCHQ or the US’s National Security Agency) which issued an alert about hackers sending out bogus software fixes claiming to be from CrowdStrike.
“Alert! We understand a number of malicious websites and unofficial code are being released claiming to help entities recover,” the notice reads.
The agency is urging IT responders to only use CrowdStrike’s website to source information and help.
The ASD warning follows calls from the UK’s National Cyber Security Centre (NCSC) on Friday for people to be hyper vigilante of suspicious emails or calls that pretend to be CrowdStrike or Microsoft help.
“An increase in phishing referencing this outage has already been observed, as opportunistic malicious actors seek to take advantage of the situation,” the agency said.
source: https://www.bbc.com/news/articles/cq5xy12pynyo
