Date: 2025-01-10

Phishing, Malware, Threat Intelligence

CrowdStrike spoofed in recruitment phishing scam

CrowdStrike reports that it was spoofed by hackers looking to execute XMRig cryptomining malware. (Adobe Stock)

BleepingComputer reports that CrowdStrike has disclosed that threat actors impersonated the cybersecurity firm in a new recruitment phishing scheme that sought to facilitate XMRig cryptomining malware compromise.

Intrusions discovered earlier this week began with the delivery of a malicious email purporting to be from a CrowdStrike employment agent. The email includes a link for downloading an employee CRM app; when clicked, the link redirects to a CrowdStrike-spoofing website offering Windows and macOS versions of the app, according to CrowdStrike. Once downloaded, the app conducts continuous sandbox checks, then displays a bogus error message while fetching a configuration text file for XMRig execution. It then downloads the ZIP archive containing the cryptominer, which is eventually deployed in the background to conceal malicious activity. Such findings should prompt job seekers to be more wary of recruitment offers and to avoid those that emphasize urgency or request downloads of third-party apps for interviews.
