Likely eCrime Actor Capitalizing on Falcon Sensor Issues
released on 2024-07-29 @ 12:16:12 PM
A cybercrime group has leveraged a content update issue with the CrowdStrike Falcon sensor to distribute malicious files targeting Latin American customers. The campaign involves a ZIP archive named 'crowdstrike-hotfix.zip' containing a HijackLoader payload that loads RemCos malware. The campaign uses Spanish filenames and instructions, indicating that it specifically targets CrowdStrike clients in that region.