Attackers Target Log4j to Drop Ransomware, Web Shells, Backdoors
The recently disclosed Log4j flaw is being further exploited by threat actors, including at least one nation-state actor. Exploitation attempts, previously focused on cryptocurrency mining and on compromising systems for botnets, have escalated to deploying ransomware, remote access Trojans, and web shells on vulnerable systems. The severe vulnerability is found in a logging framework widely used in Java applications. Despite the release of a fixed version, organizations continue to download vulnerable versions of Log4j in large numbers.