Exploitation of Log4j flaw continues in the wild

Organizations continue to face attacks exploiting the critical Log4j zero-day vulnerability even though it has been more than two years since the flaw's discovery, SecurityWeek reports.

The vulnerability, tagged as CVE-2021-44228, was first reported in November 2021 and led to a global scramble to implement patches. Despite these efforts, the flaw remains a persistent threat due to complex software dependencies that hinder comprehensive patching. Nation-state actors and cybercriminal groups, including those linked to China, Iran, North Korea, and Turkey, have incorporated Log4j exploits into their hacking tools. Datadog Security Labs recently uncovered ongoing exploits that target unpatched systems, allowing cybercriminals to deploy cryptocurrency miners and malicious backdoor scripts. In this new campaign, researchers observed that attackers used obfuscated LDAP requests to avoid detection, leaving them free to deploy XMRig cryptocurrency miners and install scripts to maintain long-term control over compromised systems. This ongoing exploitation underscores the challenge of eradicating vulnerabilities that remain unpatched years after their discovery.
