CrowdStrike discovered a phishing campaign impersonating their company. Phishing emails, disguised as job postings, aim to infect recipients with a Monero cryptominer.
The phishing emails impersonate CrowdStrike employees, thanking recipients for job applications and instructing them to download a CRM application purportedly for onboarding.
Upon clicking the links, victims are redirected to a look-alike website that tricks them into downloading software designed to ultimately install a cryptominer.
The malicious application performs environmental checks, generates fake error messages to mislead victims, and stealthily installs a Monero miner for long-term persistence.