Log4j flaw is now being used by alleged China-based hackers to exploit new ransomware called NightSky. Microsoft explained that this new computer virus strain is specifically attacking the popular VMware Horizon platform.
For those who do not know what VMware Horizon is, it is an advanced platform that allows you to use virtual desktops, as well as applications across the so-called hybrid cloud.
Right now, Horizon is being used by Microsoft in its Windows software models. Aside from this, macOS and Linux are also relying on VMware's Horizon platform.
If the new ransomware spreads in the software models that use Horizon, many consumers will definitely have their data compromised.
Log4j Involved in New NightSky Ransomware Attack
According to ZDNet's latest report, NightSky is a financially-motivated ransomware. This means that its main goal is to create a panic that will force victims to pay the hackers to prevent further breaches.
Also Read: BitMart Hack: Victims Still Waiting for Compensation from Crypto Platform, Not Yet Paid Back
First discovered on December 27, 2021, the new computer virus attacks Log4Shell or Log4j flaw (CVE-2021-44228). Because of the new ransomware's nature, it can breach vulnerable versions of the Java-based Log4j application error-logging component.
"As early as January 4, attackers started exploiting the CVE-2021-44228 vulnerability in internet-facing systems running VMware Horizon," said Microsoft.
The software provider added that their latest investigation already discovered new successful intrusions involving the new NightSky ransomware attack. If you want to see further details, you can visit this link.
Other Ransomware Attacks
As of the moment, ransomware attacks are becoming more rampant. Aside from NightSky, ScreenRant reported that another ransomware attack was discovered by the FBI.
However, this malicious campaign focuses on USB flash drives. Security experts said that the hackers behind this new security threat are targeting companies in the United States.
In other news, Pakistan issued a notice after investors complained about a new Binance crypto scam. Meanwhile, Oculus Quest 2's lack of parental control is now being questioned by the U.K. data watchdog.
For more news updates about ransomware attacks and other security threats, always keep your tabs open here at TechTimes.
Related Article: Security Bugs on Third-Party URL-Parsing Libraries Could Affect Several Web Apps | DoS Attacks, Leaks, and More
This article is owned by TechTimes
Written by: Griffin Davis