Heads-Up: Threat Actor Uses Fake CrowdStrike Recovery Manual to Deliver Unidentified Stealer

Following up on recent reports that threat actors were capitalizing on the CrowdStrike glitch by using phishing attacks to obtain credentials or spread malware, CrowdStrike reported yesterday:

On July 22, 2024, CrowdStrike Intelligence identified a Word document containing macros that download an unidentified stealer now tracked as Daolpu. The document impersonates a Microsoft recovery manual.1 Initial analysis suggests the activity is likely criminal.

Read the technical details on CrowdStrike’s Blog.