
Log4Shell – The Zero-Day Vulnerability That Scares The Internet

On December 10, news broke of a severe vulnerability in the Apache Log4j library, Log4Shell, which puts almost all applications and software using Java at risk. The cybersecurity risk is high: it receives a score of 10 out of 10 on the CVSS scale used to rate this type of vulnerability, and it affects many organizations, both public and private. Let's try to understand how the famous Apache open-source library works and why this bug risked doing severe damage.

What Is Log4j?

Log4j is a library written in Java that allows developers to create logs recording all the operations carried out by anyone who accesses and uses the software. In other words: "its purpose is simply to keep track of everything that happens on the servers, noting every operation performed in a text file." Log4j allows application developers to store a large amount of data, useful for monitoring the behavior of the software, both in the development phase and once it is put online.

This makes it much easier for technicians to spot errors, malfunctions, and bugs.

It is the best-known and most popular open-source library used by many companies worldwide. For example, it is built into all Microsoft products, Twitter, Amazon, Minecraft, Steam, and iCloud, to name a few. And there is a zero-day vulnerability inside it, which has been called Log4Shell.

Log4Shell

Immediately described as the "single largest and most critical vulnerability of the last decade," Log4Shell is a zero-day bug, a vulnerability unknown even to the developers who created the system.

This bug allows hackers who exploit it to anonymously take control of all servers running Java. In practice, this translates into illegal activities such as the mining of cryptocurrencies, the installation of malware to steal (and resell) log-in credentials, ransomware, and spying activities.

The cybersecurity threat is grave due to a few factors.

First of all, the Log4Shell vulnerability seems to be very easy to exploit and, as already mentioned, involves a vast amount of software, devices, and companies. Suffice it to say that just 12 hours after the announcement of the discovery, over 40 thousand attacks had been recorded, across more than 90 countries. Furthermore, the seriousness of the situation also derives from the fact that, due to the very nature of the bug, it is hard to understand from where and, above all, from whom these attacks start.

Although most of the threats pass through servers located in Russia, this does not necessarily mean that the Russian government is involved in the matter: "The Log4 Shell attack consists of two parts: the first is to send a written web request to a server or a vulnerable device to exploit the vulnerability; the second is to make malware available somewhere that will be downloaded by the target hit by the first action". Not to mention that many attacks use a VPN connection to hide their origin. As soon as the security flaw was disclosed, although hackers were already exploiting it, many cyber-attacks started, some state-sponsored, i.e., connected to the governments of different countries such as China, Iran, North Korea, and Turkey.

Run For Cover

Apache is, of course, not standing by. The American company immediately released two patches to solve the problem. However, neither was effective, as both showed similar vulnerabilities.

Only the third patch, specifically version 2.17.0 of Log4j, seems immune to the Log4Shell flaw. So far, none of the actors involved who have implemented this version of the library have reported any security problems. Reaching this solution, however, took more than 2 weeks.

That was precious time, which saw over 4 million cyber attacks, with 43% of companies affected, and damages amounting to a figure that will be challenging to establish. However, the announcement of the definitive closure of the flaw does not mean that we can let our guard down. The new version of Log4j focuses its attention on the CVE-2021-44832 vulnerability, which could allow code to be executed by someone who has already penetrated the system. While this is considered a minor threat, upgrading remains of paramount importance.
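To act on the upgrade advice, a team first has to find every bundled copy of the library. The following is an added example, not part of the original article: it lists `log4j-core` jars inside an application archive, including nested ones, and flags those older than 2.17.0. The function names, the sample archive layout, and the `app.war` label are constructed for illustration, and detection relies on the conventional `log4j-core-<version>.jar` file name.

```python
import io
import re
import zipfile

# Release the article names as the first one not affected by the flaw.
FIXED = (2, 17, 0)
# Conventional artifact file name, e.g. log4j-core-2.14.1.jar. Copies whose
# classes were repackaged into another jar carry no such name and are missed.
JAR_RE = re.compile(r"(?:^|/)log4j-core-(\d+)\.(\d+)(?:\.(\d+))?[^/]*\.jar$")


def find_log4j(data, path=""):
    """List (location, version) for each log4j-core jar, nested ones included."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return []  # not a readable archive, nothing to report
    hits = []
    with zf:
        for name in zf.namelist():
            full = f"{path}!/{name}" if path else name
            m = JAR_RE.search(name)
            if m:
                hits.append((full, tuple(int(g or 0) for g in m.groups())))
            if name.lower().endswith((".jar", ".war", ".ear")):
                hits.extend(find_log4j(zf.read(name), full))
    return hits


def needs_upgrade(hits):
    """Keep only the copies older than the fixed release."""
    return [(loc, ver) for loc, ver in hits if ver < FIXED]


def _zip(entries):
    """Build an in-memory zip from {name: content} (helper for the sample)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, content in entries.items():
            zf.writestr(name, content)
    return buf.getvalue()


def build_sample():
    """Constructed sample: a WAR with one old copy and one fixed copy."""
    lib = _zip({"META-INF/MANIFEST.MF": "Manifest-Version: 1.0\n"})
    fat = _zip({"BOOT-INF/lib/log4j-core-2.17.0.jar": lib})
    return _zip({"WEB-INF/lib/log4j-core-2.14.1.jar": lib,
                 "WEB-INF/lib/service.jar": fat})
```

Calling `needs_upgrade(find_log4j(build_sample(), "app.war"))` reports only the 2.14.1 copy; for a real deployment, pass the bytes of each deployed archive instead of the sample.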
