Log4Shell flaw: Still being used for crypto mining, botnet building… and Rickrolls

Log4Shell, the critical bug in Apache’s widely used Log4j project, hasn’t triggered the disaster that was feared, but it’s still being exploited, predominantly from cloud computers in the US.

The Log4Shell vulnerability came to light in December and sparked concern that attackers would exploit it, both because exploitation was relatively easy and because the Java application logging library is embedded in many different services.

Microsoft has observed Log4Shell being used by state-sponsored and criminal attackers, but early on found it was mostly being used for coin mining and ransomware. It advised customers to “assume broad availability of exploit code and scanning capabilities to be a real and present danger to their environments.”

The Cybersecurity and Infrastructure Security Agency warned that, while it hadn’t seen any major breach happen due to the flaw, attackers might be waiting to use access gained through Log4Shell until alert levels fall. Oracle, Cisco, IBM and VMware have spent the past two months releasing patches for affected software.

Barracuda Networks, a maker of network security appliances, has now said that Log4Shell attacks are happening

Read More: https://www.zdnet.com/article/log4shell-flaw-still-being-used-for-crypto-mining-botnet-building-and-rick-rolls/#ftag=RSSbaffb68