Log4Shell RCE Vulnerability Attracts Attention from Cybercriminals

Cybercriminals are always on the prowl for new vulnerabilities that they can use to aid their attacks. One of the popular, recent vulnerabilities is called Log4Shell. It affects the Apache Log4j logging platform, which is used to manage Web server and application logs. The vulnerability allows for Remote Code Execution (RCE,) which enables criminals to perform all sorts of tasks on affected devices. While the critical security issue has already been patched with the release of Log4j 2.15.0, there are still thousands of systems that are running older, vulnerable version of the service.

What Payloads Are Abused Alongside the Log4Shell Vulnerability?

Although the Log4Shell vulnerability has been public for just a few days, there are already plenty of threat groups taking advantage of it. Some of the more notorious attacks executed with the use of the Log4Shell vulnerability include:

  • Planting cryptocurrency mining malware with the use of the Kinsing backdoor Trojan. This particular campaign uses a complex set of shell scripts, which perform various tasks on infected devices – such as disabling services consuming hardware resources, and wiping out other cryptomining malware. The latter step is common when talking of cryptocurrency mining Trojans since their operators do not want any other malware interfering with their operations.
  • The Log4Shell vulnerability has also been in use by operators of botnets based on Mirai and Mushtik. The criminals behind these operations are likely to harvest the hardware and network resources of the infected systems to execute distributed-denial-of-service (DDoS) attacks.
  • Planting cracked Cobalt Strike beacons. This popular penetration testing framework is regularly misused by cybercriminals who have malicious intentions.

As you can see, cybercriminals waste no time when it comes to exploiting the latest vulnerabilities in Internet-facing software and services. Stay ahead of them by regularly applying the latest software updates and firmware patches, ensuring the security of your devices.

By Ruik
December 14, 2021
Computer Security
English
December 14, 2021
Computer Security

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

Computer Security

'CallStranger' Vulnerability Found in Most IoT Devices Gives Cybercriminals Advantages

Researchers warn users about a security vulnerability that may affect billions of IoT (Internet of Things) devices around the world. It is known as the CallStranger vulnerability, and, according to cybersecurity... Read more

September 28, 2020
Computer Security

Researchers Detail Now-Patched WhatsApp Vulnerability

In a recent post made by the security researchers working with Check Point, a team disclosed an old vulnerability in a now-outdated version of WhatsApp that could have led to potential exposure of personal information... Read more

September 3, 2021
Computer Security

Western Digital Devices Hit by New Vulnerability

The shock that thousands of users felt when they discovered their Western Digital My Book Live devices had been wiped clean in a destructive hack attack in late June is probably still fresh in their memory. Now... Read more

July 8, 2021
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.