Log4j vulnerability found exploited by Iranian hackers
The Log4j vulnerability has been found exploited by hackers in vulnerable applications against Israel.
Log4Shell (Log4j) is a critical vulnerability affecting several versions of Apache Log4j. It was discovered and patched in December 2021. The vulnerability lets attackers execute code remotely on any targeted computer.
The attackers were found to be an Iranian hacking collective. These hackers exploited Log4Shell flaws to gain initial access. After obtaining control, they run malicious PowerShell through a specially crafted request sent to the vulnerable endpoints. They then drop web shells on the system.
After gathering the required information via cmd.exe, the hackers add a user, raise its privileges to local administrator, and place their attack tools in the startup folders to ensure persistence across reboots.
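
The sequence in the last paragraph (new user, promotion to local administrator, tools placed in a startup folder) can be hunted for by correlating host events. The Python below is an added example, not from the original article; the event records are constructed, their field names and the 30-minute window are assumptions, and only the event IDs (Windows Security 4720 and 4732, Sysmon 11) are real.

```python
from datetime import datetime, timedelta

STARTUP = "\\start menu\\programs\\startup\\"  # per-user and all-users Startup folders
WINDOW = timedelta(minutes=30)                 # assumed correlation window

# Constructed, simplified records; field names are hypothetical, not a real log schema.
# 4720 = user account created, 4732 = member added to a local group (Security log),
# 11 = FileCreate (Sysmon).
EVENTS = [
    {"ts": "2022-01-10T09:00:00", "host": "web01", "id": 4720, "account": "svc_backup"},
    {"ts": "2022-01-10T09:02:00", "host": "web01", "id": 4732, "account": "svc_backup",
     "group": "Administrators"},
    {"ts": "2022-01-10T09:05:00", "host": "web01", "id": 11,
     "path": r"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\updater.exe"},
    {"ts": "2022-01-10T09:06:00", "host": "web01", "id": 11, "path": r"C:\Temp\report.txt"},
    # Benign look-alikes: non-admin group, and a promotion hours after creation.
    {"ts": "2022-01-10T08:00:00", "host": "hr02", "id": 4720, "account": "jdoe"},
    {"ts": "2022-01-10T08:01:00", "host": "hr02", "id": 4732, "account": "jdoe",
     "group": "Remote Desktop Users"},
    {"ts": "2022-01-10T07:00:00", "host": "db03", "id": 4720, "account": "temp"},
    {"ts": "2022-01-10T10:00:00", "host": "db03", "id": 4732, "account": "temp",
     "group": "Administrators"},
]

def find_persistence_chains(events, window=WINDOW):
    """Flag accounts created and made local admin within `window` on one host,
    and list Startup-folder file creations on that host around the same time."""
    parsed = sorted(({**e, "ts": datetime.fromisoformat(e["ts"])} for e in events),
                    key=lambda e: e["ts"])
    created, chains = {}, []
    for e in parsed:
        key = (e["host"], e.get("account"))
        if e["id"] == 4720:
            created[key] = e["ts"]
        elif e["id"] == 4732 and e.get("group") == "Administrators" and key in created:
            start = created.pop(key)
            if e["ts"] - start > window:
                continue  # promoted long after creation: not this pattern
            files = [f["path"] for f in parsed
                     if f["id"] == 11 and f["host"] == e["host"]
                     and start <= f["ts"] <= e["ts"] + window
                     and STARTUP in f["path"].lower()]
            chains.append({"host": e["host"], "account": e["account"],
                           "startup_files": files})
    return chains

if __name__ == "__main__":
    for chain in find_persistence_chains(EVENTS):
        print(chain)
```

A chain with an empty `startup_files` list is still worth triage, since the account creation and promotion alone match the reported behaviour.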