Log4j: How hackers are using the flaw to deliver this new ‘modular’ backdoor

siteadmin January 12, 2022

The Iran-backed hacking group Phosphorus, or APT35, has been exploiting the Log4j vulnerability to distribute a new PowerShell toolkit, according to Check Point. The group reportedly rushed into exploiting Log4j, using a basic publicly available toolkit for attacks that were easy to detect. After exploiting the vulnerability, APT35 uses a PowerShell-based backdoor for persistence, communication with a command-and-control server, and execution of additional modules.