close
close

Microsoft outage: Government asks companies to block these 25 ‘dangerous URLs’ – full list

Posted on by darion

Earlier this month, many businesses around the world saw their operations grind to a halt due to a flawed security update released by a US cybersecurity firm CrowdStrike was introduced to Microsoft Windows machines. A faulty software update that CrowdStrike pushed to its clients disrupted airlines, banks, hospitals, and other critical services, affecting an estimated 8.5 million Microsoft Windows machines worldwide.
Both Microsoft and CrowdStrike issued patches to get the machines back online, which took hours and in some cases days. As with almost all events (good and bad), hackers and cybercriminals were quick to take advantage of the widespread technological outage. Cybersecurity agencies around the world, including the U.S., U.K., Australia, and Canada, warned of hackers using the CrowdStrike bug to attack companies. Indian government cybersecurity agency CERT-Entry too has warned businesses in the country about hacking attacks related to the CrowdStrike outage.
CERT-In said: “We have received reports of an ongoing phishing campaign targeting CrowdStrike users that is exploiting this issue to conduct the following malicious activities: sending customers phishing emails impersonating CrowdStrike technical support staff; impersonating CrowdStrike staff in phone calls; selling software scripts that purport to automate data recovery from a content update issue; and distributing Trojan-type malware disguised as data recovery tools.
He added that such attacks can trick an unwitting user into installing unidentified malware, which can lead to confidential data leakage, system crashes and data loss.
CERT-IN also shared 25 URLs that companies should block on their networks because they are considered unsafe.
URLs
* crowdstrike.phpartners.Jorg
* crowdstrike0day(.)com
* crowdstrikebluescreen(-)com
* crowdstrike-bsod(.)com
*social strike update(.)com
* loud noise(..com)
* www.crowdstrike0day(.)com
* www.fix-crowdstrike-bsod(.)com
* community strike failure (.Jinfo
* www.microsoftcrowdstrike(.)com
* crowdstrikeoday|(.)com
* crowd noise
* www.crowdstriketoken(.)com
* www.crowdstrikefix(..com
* fix-crowdstrike-apocalypse(.)com
* microsoftcrowdstrikel..com
*crowdstrikedoomsdayl.com
* crowd strike(..com
* what is crowdstrike(..com
* crowdstrike-helpdesk(..com
*crowdstrikefix..com
* fix-crowdstrike-bsod(.)com
* crowdstrikedown ()page
* the crowd got stuck(.Jorg
* Crowdfalcon-immed-update(.)com
* crowdstriketoken(.)com
* crowdstrikeclaim(.)com
*crowdstrikeblueteam(.)com
* crowdstrike-office365(.)com
*crowdstrikefix-)zip
* crowdstrikereport(.)com