For more than a week, a huge vulnerability in the Internet has kept security experts on their toes. Now a cybersecurity researcher claims to have found a worm that exploits Log4shell.

Since last week, experts have been warning of the Log4shell vulnerability.

The biggest Internet security gap is becoming more and more dangerous

It threatens large parts of the Internet.

Critical infrastructure is also at risk, including in Switzerland.

What it's about

  • Security experts believe they have found a worm that exploits the Log4shell vulnerability.

  • That could become extremely dangerous.

  • However, other experts have given the all-clear.

  • Nevertheless, the security crisis is not over yet.

The critical Internet vulnerability called Log4shell is becoming more and more dangerous. As the technology portal describes, the first attacks that exploited this security gap were still carried out manually. In the meantime, however, security researchers are said to have discovered a so-called “worm” that infects the affected server and can spread automatically.

This is reported, among other things, by the malware exchange community vx-underground on Twitter. In a post it says: «The security researcher @1ZRR4H has identified the first Log4j worm. It's a self-replicating Mirai bot.» In fact, it looks like the new worm is targeting unsecured Huawei routers.

However, other experts give the all-clear. The security researcher Marcus Hutchins weighed in on Twitter and wrote: “I disassembled this alleged worm and it doesn't work at all.” The code contained so many errors that it would not work even if several errors in the code were eliminated.

However, security researchers agree that a working worm that exploits the Log4shell vulnerability could be extremely dangerous. Tom Kellermann from the US company VMware even assumes that such a worm could be used as an effective weapon – for example by intelligence services or other countries, as reported by

Hacker groups

But that's not all. In the meantime, various groups are also actively exploiting the security gap. For example, the hackers known as the Conti Gang have been trying to target servers with malware since December 13th. This gives the cyber criminals access to the servers, which they then sell on. According to, Conti has already managed to hack into company networks.

In the meantime, the voluntary organization Apache Software Foundation has published a new version of the affected library: Log4j 2.17.0. This is said to have completely eliminated another security gap with which attackers could have provoked a denial-of-service – i.e. an endless loop of the program. In the earlier version, this problem was only partially resolved. It is therefore advised that companies get information as soon as possible and act if necessary.

By Teresa Tampleton
