Likely eCrime Actor Capitalizing on Falcon Sensor Issues
https://opencti.netmanageit.com
SUMMARY:
A cybercrime group has leveraged a content update issue with the CrowdStrike Falcon sensor to distribute malicious files targeting Latin American customers. The campaign involves a ZIP archive named 'crowdstrike-hotfix.zip' containing a HijackLoader payload that loads RemCos malware. The archive uses Spanish filenames and instructions, indicating that the campaign specifically targets CrowdStrike clients in that region.
OPENCTI LABELS:
phishing, remcos, latam, hijackloader, falcon