Lookalike Crowdstrike Domains Discovered by DNSFilter to Date

As most of the world is aware, after a routine update pushed by CrowdStrike last week to Microsoft devices, a global IT outage occurred impacting a range of industries including hospitals, broadcast television, government, and most notoriously airlines.

After last week’s world-wide outage, we have noticed a significant uptick in the use of “crowdstrike” (or similar) in the names of newly registered domains. Some of the following domains have threat indicators, while some have simply been registered since the outage. Out of an abundance of caution at DNSFilter, we are marking all of these newly registered domains as blocked on our network.

The list currently sits at 65 FQDNs, but as we discover more we will publish them here:

crowdstrike[.]technology

crowdstrikeout[.]com

fix-crowdstrike-bsod[.]com

crowdstrikefixer[.]com

fixcrowdstrike[.]com[.]au

crowdstrikecommuication[.]app

crowdstrikeclassaction[.]com

crowdstrikesuporte[.]com

crowdstrikewindowsoutage[.]com

suportecrowdstrike[.]com

fix-crowdstrike-apocalypse[.]com

crowdstrikefix[.]zip

crowdstrikelawsuit[.]com

crowdstrike[.]xn--node

crowdstrikedown[.]com

iscrowdstrikedown[.]com

supportfalconcrowdstrike[.]com

crowdstrikeevents[.]com

crowdstrikeblueteam[.]com

crowdstrike[.]blue

crowdstrike[.]buzz

crowdstrikeold[.]com

crowdstrikeoopsie[.]com

crowdstrikebsod[.]com

crowdstrike[.]live

crowdstrike[.]fail

crowdstrikezeroday[.]com

fix-crowdstrike[.]com

isitcrowdstrike[.]com

crowdstrike-out[.]com

crowdstrikeoops[.]com

crowdstrike[.]bot

crowdstrike[.]life

crowdstrikeodayl[.]com

crowdstrike-helpdesk[.]com

crowdstrike-falcon[.]online

crowdstriketoken[.]com

crowdstrike[.]feedback

crowdstrikeoutage[.]com

microsoftcrowdstrike[.]com

crowdstrikeglitch[.]com

crowdstrike-bsod[.]com

crowdstrikeclaims[.]com

fix-crowdstrike-bsod[.]com

www[.]fix-crowdstrike-bsod[.]com

crowdstrikeoutage[.]info

crowdstrikeclaim[.]com

crowdstrikebluescreen[.]com

crowdstrikerecovery[.]com

crowdstrikefail[.]com

crowdstrikedown[.]site

crowdstrikeupdate[.]com

crowdstrikebug[.]com

crowdstrikecure[.]com

crowdstrike[.]site

crowdstrike[.]help

crowdstrike0day[.]com

crowdstrike[.]bsod[.]com

crowdstrikerecovery[.]pro

whatiscrowdstrike[.]com

crowdstrike[.]cam

crowdstrikefix[.]com

crowdstrikereport[.]com

crowdstrike-falcon[.]online

www[.]crowdstrike-helpdesk[.]com

crowdstrikedoomsday[.]com

Edited on 7/23/2024 to add the following domains:

crowdstrikekernelcar[.]com

crowdstrikerecovery[.]info

crowdstrikepatch[.]com

crowdstriked[.]net

crowdstrikeyou[.]xyz

crowdstrikefix[.]lol

crowdstrikefix[.]blog

crowdstrikebug[.]info

crowdstrikerestore[.]com

fixmycrowdstrike[.]com

secure-crowdstrike[.]com

supportcrowdstrike[.]blog

Edited on 7/25/2024 to add the following domains:

crowdstrikebugrestorer[.]com

crowdstrikeerrorfix[.]com

crowdstrikesysmendpro[.]com

crowdstrikerecovery[.]lol

crowdstrikerecovery[.]live

crowdstrike-office365[.]com

crowdstrikerescue[.]org

crowdstrikebugfix[.]com

crowdstrikefailpatch[.]com

outagecrowdstrike[.]com

downstrike[.]lol

crowdstrife[.]com

Updated on 7/26/2024 to add the following domains:

crudstrike[.]com

crowdstroke[.]zip

crowstrike[.]net

crowstrike[.]org

crowdstuck[.]org

croudstrike[.]org

crowdstrikingit[.]com

crowd-struck[.]com

crowdstrikefixes[.]com

crowdstrikehelp[.]info

crowdstrikekernelshield[.]com

crowdstrikeclassactionlawsuit[.]com

crowdstrikekernelcare[.]com

crowdstrikeerrormender[.]com

crowdstrikefix[.]info

crowdstrikebugfixpro[.]com