Suspected Iranian APT accessed federal server via Log4j vulnerability

siteadmin November 15, 2022

A suspected Iranian hacker group exploited a Log4j vulnerability to breach the server of a US federal agency, accessing the domain controller and installing cryptomining software. The intrusion began in February 2022 and was detected two months later by the Cybersecurity and Infrastructure Security Agency. The affected agency, part of the Federal Civilian Executive Branch, has not been disclosed.