Attention Crypto-miners!
Exploitation attempts are on the rise.
A critical vulnerability needs to be fixed.
Introduction:
In mid-December a huge vulnerability was identified in a piece of software known as Log4j – also known as Log4Shel or LogJam.
Log4j is a logging framework that helps developers keep track of changes and usage activity inside their applications. It is standard practice
for software developers to use a logging framework. For various reason Log4j has become the standard code that developers use.
That being the case many java based applications are affected by this vulnerability.
Details:
At this point in time, it seems that this snafu is slow to spread. That being the case Internet Security Firms have confirmed that hackers
are actively targeting the log4j vulnerability. Specifically, state-sponsored groups from China and Iran are trying to gain access using this exploit
and for now, are targeting crypto miners. These attacks come in two phases.
Phase I is to gain access to your systems
Phase II is to weaponize the vulnerability through ransomware or espionage.
Closing:
From what I have read it seems like the hackers have completed phase one. It is concerning.
According to Yoran (founding director of US-CERT) "We're also already seeing it leveraged for ransomware attacks.
They have also seen reports of attackers using Log4Shell to destroy systems without even looking to collect ransom."
Recommendation:
Is to patch applications and devices that are using java Log4j.
Request Help:
If you or your organization needs help to identify, manage, or execute patches and fixes for log4j then please feel free to contact Vectech Solution.
The quickest way to get help with this issue is to fill out the contact form on our website www.vectechsolutions.com.
A security tech will reach out to you.
#cryptominers #Log4j #vulnerability #Log4Shell #LogJam.