One last time, let’s talk about Log4J
Apache Log4J, The Vulnerability That Destroyed The Internet
Log4j the vulnerability that destroyed the internet, it’s happened..everybody stay calm. What’s the procedure? December wasn’t that jolly in 2021. In fact, a couple of weeks ago a story broke out about a new computer bug found in a piece of very popular, widely used computer code.
The very next day every major cloud storage company was in crisis mode! Google, Amazon, Microsoft you name them, they panicked. The code in question is called Log4J (Apache Log4J) It’s an open-source logging library commonly used by apps and services across the internet, not only does it affect the cloud but also a lot of hardware we use which may include TV’s, security cameras and the likes.
Imagine that millions of us had the same log to keep us and our home safe and now we found out that there’s a master key to unlock them all… Yeah, it’s one great mess for us security specialists and one giant opportunity for hackers.
Generally, Log4J is a piece of code that helps software applications to keep track of their past activities, actions, events and so on, it’s free (hence open-source) on the internet (has been since around 2001) and is widely used in Java applications. When Apache Log4J is asked to do something new it adds it to the “record”. This is where the problem is, if you ask log4j to log a line of malicious code it could go on to execute that code.
Apache Log4J is part of the java programming language which has been a foundational part of computers as we know it since the mid-90s. Now that hackers know about this bug they can exploit it easily and widely, for example, in Minecraft, it’s as easy as typing a line into a public chatbox.
That’s not it, some Twitter users began changing their display names to code strings that could trigger the exploit even the Belgian ministry of defense admitted that hackers already exploited the vulnerability and paralyzed some of the government’s activity.
This bug can paralyze apps, networks, devices and countries and it’s already been hailed as the biggest cybersecurity risk of the decade.
Let’s add even more spice into the mix, some say that it’s the Alibaba company that found the bug and China suspended a deal with Alibaba cloud for not sharing the problem with the government first. Make of it as you will.
Months ago the Chinese government-issued new regulations demanding all networking vendors with critical flaws to report first hand to the government. Alibaba cloud apologized and promised to do better in the future but strangely the vulnerability has been used by multiple Chinese nation-state activity groups so some might wonder if china’s fury is so strong because it couldn’t exploit the bug before it got public.
As of the time of writing, the latest, safest version of Apache Log4J: Version: 2.17.1
The bugs, the devices, China, everything sounds scary, right? Companies are trying their hardest to react properly. Reportedly at Google alone, there are 500+ engineers going through the code but patching the problems isn’t going that well, according to many reports.
Apache has issued several patches but with each one, additional problems have cropped up. The cyber security and infrastructure security agency has announced the release of a scanner that helps to identify vulnerabilities in applications. There are thousands of people working on it day and night.
Industry experts say it could take years for this problem to be fully fixed but there are a couple of things you could do to feel safe, avoid any phishing emails no one is giving out millions of dollars through a strange link. Make sure your apps are updated to the latest versions.
Developers are always trying their hardest to fix newly discovered vulnerabilities so it’s crucial you update as soon as an update is available. As we all know, some applications, repositories have been patched and many have not.
We think you may enjoy reading, Iranian Hackers Exploit Log4j Vulnerability to Deploy PowerShell Backdoor
- Most Attackers Need Less Than 10 Hours to Find Weaknesses - 28 September 2022
- 5+ Things to teach your kids about Social Media - 26 September 2022
- RCE in Sophos Firewall is being exploited in the wild (CVE-2022-3236) - 26 September 2022