Cybersecurity firms continue to warn users against Log4Shell attacks

February 16, 2022
Cybersecurity Firms Warning Users Log4Shell Log4f Vulnerability Exploit Cyberattacks

Several cybersecurity firms continue to raise red flags regarding threat actors who use the Log4j critical flaw – Log4Shell – in their malicious activities. According to the researchers, they have observed several attacks that have been actively exploiting the vulnerability.

In the past couple of months, various security firms released an advisory regarding threat actors attempting to abuse the Log4j flaw. The Dutch National Cybersecurity Centre has warned its citizens against this vulnerability and explained that the threat actors would continue to exploit the flaw even though multiple warnings are released against its abuse.

Microsoft has also released an advisory about a threat group called DEV-0401 that actively exploits the Log4Shell flaw on VMware Horizon systems and spreads the Night Sky ransomware.

Another separate researcher joined in the warning assemblies since they have spotted evidence of a vulnerability in Log4j being utilised to reproduce malware used by the Mirai group, targeting Zyxel networking machines.

 

The Log4Shell flaw will not disappear quickly since threat actors are still actively abusing the vulnerability in different attack opportunities.

 

According to some reports, several ransomware groups heavily abuse Log4Shell in their campaigns. One confirmed group that actively uses the flaw is the gang known as Conti ransomware spotted by analysts abusing the CVE-2021-44228 vulnerability since December last year.

In related news, a few months ago, SolarWinds repaired a flaw in a file-sharing software called Serv-U when threat actors exploited that flaw to obtain login access to the energy firm.

Lastly, researchers also discovered that threat actors were observed trying to abuse the flaw for distributing the new Khonsari ransomware on Windows Systems.

The Log4Shell critical flaw has transformed into a severe threat and poses considerable obstacles to the cybersecurity community. Multiple security firms, providers, and services are consistently helping users to lessen the danger carried by the Log4j.

About the author

Leave a Reply