Hackers used the Log4Shell vulnerability to install hidden miners
The experts have identified attacks aimed at devices running Linux
![Hackers used the Log4Shell vulnerability to install hidden miners](https://storage.getblock.net/source/1/DnmwvnrXIlh_M8qI47-nAfn_dCmbX7OY.jpg)
13.12.2021 - 12:20
250
1 min
0
.
What’s new? The experts from Netlab 360 reported a critical vulnerability in Apache Log4j, a Java-based logging library. The attackers used it to install the malware and hidden miners.
Information on the Netlab 360 blog
What is the danger of a critical vulnerability? Log4Shell or LogJam is a Remote Code Execution class vulnerability. If the attackers manage to exploit it on one of the servers, they will be able to execute the arbitrary code and take full control of the system. The hackers took advantage of the situation to launch the Kinsing crypto miners and organize large-scale DDoS attacks. .
What are the experts saying? The Apache Foundation recommends that all developers upgrade the library to version 2.15.0, or if this is not possible, use one of the methods described on the Apache Log4j Security Vulnerabilities page. The experts added:
“At the moment, there have been no instances of exploitation of vulnerabilities by ransomware or APT-groups, however, the fact of the deployment of Cobalt Strike beacons indicates the forthcoming malicious campaigns.”
Useful material?
Market
Australia’s largest financial institutions have refused to process payments to digital asset trading platforms due to the risk of fraud
Jul 26, 2024
Politics
According to the politician, the value of the country’s bitcoin reserves should equal the value of gold reserves
Jul 26, 2024
Mining
The capacity of the Bitaxe device used by the network participant is only 500 Gh/s
Jul 25, 2024
Trends
Meanwhile, Trump-inspired assets have not shown significant growth
Jul 22, 2024
Market
The fee will be as much as 2,5% compared to 0,25-0,19% for competitors
Jul 18, 2024
Market
This is the third consecutive month of decline
Jul 18, 2024