As most of the world is aware, after a routine update pushed by CrowdStrike last week to Microsoft devices, a global IT outage occurred impacting a range of industries including hospitals, broadcast television, government, and most notoriously airlines.
After last week’s world-wide outage, we have noticed a significant uptick in the use of “crowdstrike” (or similar) in the names of newly registered domains. Some of the following domains have threat indicators, while some have simply been registered since the outage. Out of an abundance of caution at DNSFilter, we are marking all of these newly registered domains as blocked on our network.
The list currently sits at 65 FQDNs, but as we discover more we will publish them here:
crowdstrike[.]technology
crowdstrikeout[.]com
fix-crowdstrike-bsod[.]com
crowdstrikefixer[.]com
fixcrowdstrike[.]com[.]au
crowdstrikecommuication[.]app
crowdstrikeclassaction[.]com
crowdstrikesuporte[.]com
crowdstrikewindowsoutage[.]com
suportecrowdstrike[.]com
fix-crowdstrike-apocalypse[.]com
crowdstrikefix[.]zip
crowdstrikelawsuit[.]com
crowdstrike[.]xn--node
crowdstrikedown[.]com
iscrowdstrikedown[.]com
supportfalconcrowdstrike[.]com
crowdstrikeevents[.]com
crowdstrikeblueteam[.]com
crowdstrike[.]blue
crowdstrike[.]buzz
crowdstrikeold[.]com
crowdstrikeoopsie[.]com
crowdstrikebsod[.]com
crowdstrike[.]live
crowdstrike[.]fail
crowdstrikezeroday[.]com
fix-crowdstrike[.]com
isitcrowdstrike[.]com
crowdstrike-out[.]com
crowdstrikeoops[.]com
crowdstrike[.]bot
crowdstrike[.]life
crowdstrikeodayl[.]com
crowdstrike-helpdesk[.]com
crowdstrike-falcon[.]online
crowdstriketoken[.]com
crowdstrike[.]feedback
crowdstrikeoutage[.]com
microsoftcrowdstrike[.]com
crowdstrikeglitch[.]com
crowdstrike-bsod[.]com
crowdstrikeclaims[.]com
fix-crowdstrike-bsod[.]com
www[.]fix-crowdstrike-bsod[.]com
crowdstrikeoutage[.]info
crowdstrikeclaim[.]com
crowdstrikebluescreen[.]com
crowdstrikerecovery[.]com
crowdstrikefail[.]com
crowdstrikedown[.]site
crowdstrikeupdate[.]com
crowdstrikebug[.]com
crowdstrikecure[.]com
crowdstrike[.]site
crowdstrike[.]help
crowdstrike0day[.]com
crowdstrike[.]bsod[.]com
crowdstrikerecovery[.]pro
whatiscrowdstrike[.]com
crowdstrike[.]cam
crowdstrikefix[.]com
crowdstrikereport[.]com
crowdstrike-falcon[.]online
www[.]crowdstrike-helpdesk[.]com
crowdstrikedoomsday[.]com
Edited on 7/23/2024 to add the following domains:
crowdstrikekernelcar[.]com
crowdstrikerecovery[.]info
crowdstrikepatch[.]com
crowdstriked[.]net
crowdstrikeyou[.]xyz
crowdstrikefix[.]lol
crowdstrikefix[.]blog
crowdstrikebug[.]info
crowdstrikerestore[.]com
fixmycrowdstrike[.]com
secure-crowdstrike[.]com
supportcrowdstrike[.]blog
Edited on 7/25/2024 to add the following domains:
crowdstrikebugrestorer[.]com
crowdstrikeerrorfix[.]com
crowdstrikesysmendpro[.]com
crowdstrikerecovery[.]lol
crowdstrikerecovery[.]live
crowdstrike-office365[.]com
crowdstrikerescue[.]org
crowdstrikebugfix[.]com
crowdstrikefailpatch[.]com
outagecrowdstrike[.]com
downstrike[.]lol
crowdstrife[.]com
Updated on 7/26/2024 to add the following domains:
crudstrike[.]com
crowdstroke[.]zip
crowstrike[.]net
crowstrike[.]org
crowdstuck[.]org
croudstrike[.]org
crowdstrikingit[.]com
crowd-struck[.]com
crowdstrikefixes[.]com
crowdstrikehelp[.]info
crowdstrikekernelshield[.]com
crowdstrikeclassactionlawsuit[.]com
crowdstrikekernelcare[.]com
crowdstrikeerrormender[.]com
crowdstrikefix[.]info
crowdstrikebugfixpro[.]com