The Apache Log4j logging library exploit – has spun off 60 bigger mutations in less than a day, researchers said.
The Apache Log4j logging library exploit has been rapidly mutating and attracting swarms of attackers since it was publicly disclosed last week. Most of the attacks focus on cryptocurrency mining done on victims’ dimes, as seen by Sophos, Microsoft and other security firms. However, attackers are actively trying to install far more dangerous malware on vulnerable systems as well.
According to Microsoft researchers, beyond coin-miners, they’ve also seen installations of Cobalt Strike, which attackers can use to steal passwords, creep further into compromised networks with lateral movement and exfiltrate data.
Read More: Threatpost
For more such updates follow us on Google News ITsecuritywire News