Log4j bug abused in new ‘proxyjacking’ attacks to resell bandwidth, abuse enterprise cloud

The Log4j vulnerability is being exploited in proxyjacking campaigns, where hackers install proxyware to resell victims’ bandwidth. Sysdig’s Threat Research Team identified the technique and reports 23,000 unpatched systems remain vulnerable. Proxyjacking abuses services that allow clients to resell unused bandwidth, then repackages it to a range of customers. The attackers can earn around $220,000 a month from the exploitation. While minor, it can cost the victims if their bandwidth is used for illegal tasks.