Log4j alert: Bitdefender detects ongoing attacks

Bitdefender Labs experts are observing numerous ongoing attacks that exploit the Log4j vulnerability. Successful attacks that install cryptominers, as well as attempted ransomware attacks, have been confirmed.

The most important results of an initial Bitdefender inventory at a glance:

  • The cyber criminals are trying to deploy a new ransomware family, Khonsari. After initially targeting Linux servers, they are now also attacking Microsoft Windows systems.
  • Attackers are also trying to deploy the remote access Trojan (RAT) Orcus via the vulnerability. They try to download shellcode from hxxp://test.verble.rocks/dorflersaladreviews.bin.encrypted and inject it into the memory of the conhost.exe process. This shellcode decrypts further malicious payloads and loads them into memory, which connects Orcus to the command-and-control servers.
  • Cyber criminals use reverse bash shells to try to gain access to systems for subsequent follow-up actions. This is relatively easy to do. As a result, more extensive attacks are highly likely.
  • Bitdefender experts are already monitoring numerous botnets that exploit the vulnerability to install backdoors in new victim networks and expand their networks. A first example of this is Muhstik. Botnets thrive on their size. The growth of these networks is a good indicator of the risk of vulnerabilities.

Bitdefender offers a complete overview in its latest English report.

More at Bitdefender.com

 


About Bitdefender

Bitdefender is a leading global provider of cybersecurity solutions and antivirus software, protecting over 500 million systems in more than 150 countries. Since it was founded in 2001, the company's innovations have consistently ensured excellent security products and intelligent protection for devices, networks and cloud services for private customers and companies. As the supplier of choice, Bitdefender technology is found in 38 percent of security solutions deployed around the world and is trusted and recognized by industry experts, manufacturers and customers alike. www.bitdefender.de


 
