In recent months we have seen different news related to Log4Shell, a major vulnerability that affects Apache software and could put computers around the world at risk. This affected business devices, but also even home users. affects the log4j software and the way hackers exploit it has changed and now they use it to implement different types of attacks, as we will see.
They use Log4Shell for many attacks
Cybercriminals are still exploiting the log4j vulnerability. Although there have been patches for a long time, the truth is that there are still devices that have not been updated. This is what usually happens with many security flaws of this type, when many remain uncorrected.
But what are they using Log4Shell for now? One of the clear uses hackers are making of this vulnerability is to recruit devices and create a botnet. Basically what they do is turn the attacked teams into a bot so they can control them as they please and do whatever they want with them.
Something they are doing is mine cryptocurrencies. These bots use them to mine cryptocurrencies for financial gain. It is a major problem, since this will affect the performance of the devices and, also, their useful life. We can have major problems if we have this type of malicious software.
According to security researchers at Barracuda, the Mirai botnet is one of the most exploited by this vulnerability. They target webcams, routers and other devices that we may have at home and that are vulnerable. They can control them remotely and perform DDoS attacks against a target.
DDoS attacks aim to prevent a server, such as a web page, from being able to deal with requests normally. When receiving such a large flow, your resources are not able to handle it and that is what causes service outages and problems.
How to avoid this problem
Without a doubt, the easiest way to avoid this type of attack that takes advantage of the vulnerability in Log4j is to update. You must have Log4j version 2.17.1 or higher in order to prevent them from exploiting the bug and turning your devices into a botnet to carry out DDoS attacks or mine cryptocurrencies.
However, some devices targeted by this type of botnet do not receive individual package updates. Therefore, what you should do is get a higher firmware version where they have corrected Log4j. Always have the latest versions available. You can view a database to find vulnerabilities.
This is something that we must apply to any type of device that we use. Not only do you have to update the computer and mobile, which is usually the most common; any other device you have at home connected to the Internet can be used to carry out cyber attacks of this type. For example televisions, webcams, video players or the router itself. It is important to always have the latest version of the firmware and be able to be protected.
