China-Backed Hackers Could Be Exploiting Log4j Security Flaw, According to Cybersecurity Analysts

The newest Log4j security flaw could be exploited by a Chinese hacking group, according to cybersecurity researchers. The same organization of cybercriminals is believed to have targeted a tech giant such as Microsoft.

China-Sponsored Hackers Behind Log4j Exploit


According to a report by The Wall Street Journal on Wednesday, Dec. 15, security analysts assumed that Chinese hackers were the culprits behind the Log4j vulnerability, which continues to be used against many internet users.

Per Intelligence Analysis VP John Hultquist, the vulnerability could haunt people for months and even years because of the ease of exploitation, as Tech Times reported last Tuesday, Dec. 14.

Mandiant, a cybersecurity company based in the US, felt that cybercriminals from China and Israel are carrying out attacks involving the Log4j flaw. Even a tech firm like Microsoft shared the same sentiment.

According to the Redmond giant's updated blog post, the alleged hackers who took advantage of this exploit came from Turkey and North Korea. Moreover, many attackers have been seen conducting tests to exploit this flaw and sabotage their victims online.

In addition, the tech giant wrote that a similar China-backed hacking group is the one responsible for the Microsoft Exchange Server attack that took place earlier this year.

It should be noted that in July, the Biden administration blamed state-sponsored hackers for the Microsoft cyberattack. Recently, a representative from the Chinese embassy was asked about this issue. The spokesman did not comment on the matter.

Foreign Hackers Are Modifying Log4j Exploit

In the same report by the news outlet, researchers are growing concerned over the widespread attacks on vulnerable systems. The culprits are likely also attacking crypto mining software to inject several forms of malware, such as botnets.

Besides the activities of North Korean and Turkish hackers, Microsoft observed that Iran-sponsored cybercriminals are also modifying and deploying exploits for the Log4j vulnerability.

Following this announcement, the tech corporation warned users about the ransomware tactic in which the suspects ask for a payment to release a code for the victims' hacked files.

Exploitation of the Log4j bug was seen in 600,000 attempts, according to security experts. Microsoft highlighted that nearly 44% of corporations around the world have become victims of this rampant attack.

Free Java Software in Log4j Flaw

This latest security flaw has alarmed researchers about its impact on security software. It could even affect video game servers, aside from networks. The experts added that the number of Log4j users is impossible to determine at the moment.

Last week, Tech Times reported that the "extremely bad" Log4Shell vulnerability could easily give hackers access to multiple devices. According to the article, apps running Log4j libraries are at risk of suffering data breaches through a simple string.

In another report from ZDNet, the NCSC suggested that updating an old Log4j version to v.2.15.0 could prevent the flaw in Log4j 2.10.

This article is owned by Tech Times

Written by Joseph Henry
