Tracking Real-World Log4j Attacks
December 2021 by Aqua Security
Log4j was a popular Java logging framework. Until two weeks ago, Log4j was one of the many components that could run in the background of many modern web applications. However, on Monday 6th December, the National Institute of Standards and Technology (NIST) reported a zero-day vulnerability (CVE-2021-44228) ranked 10/10 as a critical security risk.
After testing the vulnerability, Aqua Security research revealed several attacks methods which the vulnerability was susceptible to including the Muhskit botnet, Mirai botnet, and various types of Reverse Shell attacks. While some attacks were distinct but on ly attacked once or twice, there were others which targeted the vulnerability repeatedly, showing large botnet activity.