CrowdStrike Chaos: Fake Recovery Manual Spreads Daolpu Malware Amid Falcon Fiasco

CrowdStrike warns that a fake recovery manual for Windows devices is spreading the Daolpu malware. This phishing campaign uses a disguised Microsoft recovery document to install Daolpu, which steals account credentials, browser history, and cookies. Users are advised to follow official CrowdStrike communications for safe recovery.

3P
Published: July 23, 2024 2:37 pmAdded: July 23, 2024 at 8:06 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Who needs hackers when you have buggy updates doing half the job for them? CrowdStrike’s Falcon update oopsie has launched a malware fiesta, and Daolpu just RSVP’d with a plus one!

Key Points:

  • Daolpu malware is spread through phishing emails disguised as recovery manuals for Windows devices.
  • The phishing document contains macros that download and execute a base64-encoded DLL, activating the Daolpu stealer.
  • Daolpu targets multiple web browsers, including Chrome, Edge, Firefox, and Cốc Cốc, to harvest credentials and cookies.
  • The stolen data is sent back to the attackers’ server and then erased from the compromised device.
  • CrowdStrike has released a YARA rule for detection and advises users to verify communication authenticity.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?