The cyber landscape saw a serious development after the defect that struck CrowdStrike, the leading cybersecurity company. While companies and institutions worldwide were struggling to repair the damage caused by the faulty update released by CrowdStrike, cyber threat groups took advantage of the situation to launch new attacks targeting many institutions.
Handala attack on Israeli organizations:
After the CrowdStrike issue occurred, the Handala cyber threat group began a targeted phishing campaign against thousands of Israeli organizations, using wiper malware and intentional concealment (FUD). According to the group’s statements, the data of dozens of Israeli organizations was leaked, while the Israeli Cybersecurity Authority (INCD) is unaware of major aspects of the story.
The group threatened to publish the list of affected organizations if INCD did not publish it, and Handala confirmed that its campaign is still ongoing and that its impact will increase as the workday begins.
Other exploitation by threat actors in Latin America:
In the same context, cybercriminals took advantage of the faulty CrowdStrike update to distribute Remcos RAT malware, disguised as a hotfix, to customers in Latin America. These attacks are believed to be aimed at taking control of target computers and stealing sensitive information.
