.png)
THE Malaysia Computer Emergency Response Team (MyCERT) has issued a critical alert following reports of increased phishing attacks leveraging recent CrowdStrike incidents.
On its website MyCERT warned that these attacks use fraudulent domains, command-and-control (C2) internet protocol (IP) addresses and malware binaries to compromise systems and steal sensitive information.
MyCERT said the phishing domains mimic legitimate websites, deceiving users into unknowingly installing malware or disclosing personal credentials.
It said attackers use C2 servers to maintain control over compromised devices and extract sensitive data.
Additionally, malicious software, delivered through websites or emails, increases the threat landscape by executing harmful actions on infected devices, MyCERT said.
MyCERT provided 30 potential indicators of compromise (IOC), including their value, type, and additional information, available on its website.
“To safeguard your organisation against the recent surge in phishing attacks involving phishing domains, C2 IPs, and malware binaries, it is crucial to monitor and protect based on the provided IOCs.
“Generally, CyberSecurity Malaysia advises users to stay updated with the latest security announcements from vendors and follow best practice security policies to determine which updates should be applied,” it said on its website.
For further information and assistance, MyCERT encourages the public to contact them through various communication channels, including email (cyber999@cybersecurity.my), phone (1-300-88-2999 during business hours, mobile: +60 19 2665850 for 24/7 call incident reporting), and social media platforms (Website: MyCERT; Twitter: MyCERT on Twitter; Facebook: MyCERT on Facebook).
Yesterday, the media reported that a mass cyber outage affected key institutions such as airlines, banks, media outlets, and hospitals in several countries.
CrowdStrike Holdings Inc is an American cybersecurity technology company based in Austin, Texas. It provides penetration, workload, endpoint security, threat intelligence and cyber attack response services. – July 20, 2024.