Log4Shell, a severe zero-day vulnerability in Apache Log4j library, sheds light on the risky practices of organizations relying on open-source code libraries to build enterprise-scale applications. The remote code execution (RCE) vulnerability CVE-2021-44228 reportedly allows remote hackers to execute arbitrary code and take full control of the vulnerable devices.
Apache Log4j is a popular Java logging library leveraged by numerous organizations worldwide to enable logging in a wide set of popular applications.
Security researchers from Netlab stated that adversaries are actively exploiting vulnerable servers by leveraging Log4Shell to deploy cryptocurrency miners and malware variants like Cobalt Strike.
The researchers also found threat actors using botnets like Mirai and Muhstik against vulnerable systems to spread malware and orchestrate distributed denial-of-service (DDoS) attacks.
“The Log4j vulnerability that came to light at the end of the year can undoubtedly be considered a major event in the security community. We have been concerned about which botnets would be exploiting this since the vulnerability was made public. Our Anglerfish and Apacket honeypots have caught two waves of attacks using the Log4j vulnerability to form botnets, and a quick sample analysis showed that they were used to form Muhstik and Mirai botnets respectively, both targeting Linux devices,” the researchers said.
Systems and services that use the Java logging library, Apache Log4j between versions 2.0 and 2.14.1. This includes many applications and services written in Java.
The Apache Foundation recommended that all developers and users update the library to version 2.15.0 using methods described on the Apache Log4j Security Vulnerabilities advisory to avoid hackers exploiting their servers.
If applying the patch is impossible, Apache also provided certain remediation steps in its advisory. These include:
The post Hackers Actively Exploit Log4Shell Flaw in Apache Log4j appeared first on CISO MAG | Cyber Security Magazine.
Click to Open Code Editor