Hackers used the Log4Shell vulnerability to install hidden miners
The experts have identified attacks aimed at devices running Linux
13.12.2021 - 12:20
213
1 min
0
.
What’s new? The experts from Netlab 360 reported a critical vulnerability in Apache Log4j, a Java-based logging library. The attackers used it to install the malware and hidden miners.
Information on the Netlab 360 blog
What is the danger of a critical vulnerability? Log4Shell or LogJam is a Remote Code Execution class vulnerability. If the attackers manage to exploit it on one of the servers, they will be able to execute the arbitrary code and take full control of the system. The hackers took advantage of the situation to launch the Kinsing crypto miners and organize large-scale DDoS attacks. .
What are the experts saying? The Apache Foundation recommends that all developers upgrade the library to version 2.15.0, or if this is not possible, use one of the methods described on the Apache Log4j Security Vulnerabilities page. The experts added:
“At the moment, there have been no instances of exploitation of vulnerabilities by ransomware or APT-groups, however, the fact of the deployment of Cobalt Strike beacons indicates the forthcoming malicious campaigns.”
Useful material?
Market
Tether Finance division will be responsible for the issuance and redemption of USDT stablecoins
Apr 18, 2024
Trends
The first project introduced on the platform will be BounceBit (BB)
Apr 18, 2024
Business
The rate exchange of the native ACH token reacted with a 10% increase
Apr 18, 2024
Market
Miners are hunting for the first block after halving as the value of the first satoshi could exceed $1 million
Apr 18, 2024
Market
The platform will be non-custodial and accessible to everyone
Apr 15, 2024
Market
China Asset Management, Harvest Global Investments, and Bosera Asset Management have received permits
Apr 15, 2024