CrowdStrike Insider Helped Hackers Falsely Claim System Breach

Posted on By CWS

Cybersecurity agency CrowdStrike has fired an insider caught promoting screenshots of their laptop to cybercriminals.

The screenshots, which have been posted by the financially motivated hacking group Scattered Lapsus$ Hunters on its Telegram channel, embody photographs of the corporate’s dashboards, together with a hyperlink to an Okta Single Signal-On (SSO) panel.

The hackers initially claimed that the screenshots have been proof that that they had gained entry to CrowdStrike’s techniques by way of the exploitation of Gainsight, a third-party vendor sometimes used for buyer administration.

Final week, the menace actors stated they compromised quite a few Salesforce prospects by way of their Gainsight integrations, and Salesforce disconnected Gainsight-published functions from its platform.

In an announcement to SecurityWeek, CrowdStrike denied being compromised and confirmed that an ‘insider’ was chargeable for the leak.

“We recognized and terminated a suspicious insider final month following an inside investigation that decided he shared photos of his laptop display externally,” an organization spokesperson stated.

“Our techniques have been by no means compromised and prospects remained protected all through. Now we have turned the case over to related legislation enforcement companies,” the consultant added.

It’s unclear whether or not the insider is an worker, contractor, guide, or enterprise companion with approved entry to the corporate’s inside techniques.Commercial. Scroll to proceed studying.

Scattered Lapsus$ Hunters reportedly claimed paying $25,000 to the CrowdStrike insider for the leaked knowledge, for entry to the corporate’s techniques, and for authentication cookies.

The menace actor just lately claimed to have remodeled 1,000 victims in a number of knowledge theft campaigns focusing on Salesforce prospects, together with high-profile manufacturers and cybersecurity corporations.

Associated: Mazda Says No Information Leakage or Operational Affect From Oracle Hack

Associated: Spanish Airline Iberia Notifies Clients of Information Breach

Associated: 146,000 Impacted by Delta Dental of Virginia Information Breach

Associated: Cox Confirms Oracle EBS Hack as Cybercriminals Title 100 Alleged Victims

Security Week News Tags:, , , , , , ,

Related Posts

Mikko Hypponen Leaves Anti-Malware Industry to Fight Against Drones Security Week News
CodeSecCon Is Today: Where Software Security’s Next Chapter Unfolds (Virtual Event) Security Week News
Neon Cyber Emerges from Stealth, Shining a Light into the Browser Security Week News
Gambling Tech Firm Bragg Discloses Cyberattack Security Week News
React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability Security Week News
In Other News: Hackers Not Behind Blackout, CISO Docuseries, Dior Data Breach Security Week News