Hackers Discover Vulnerability in Widely Used Log4j Software Library


A newly discovered vulnerability in the Log4j software library, which is widely used around the world, is sending shock waves across the internet and forcing digital security experts to race to stop hackers from exploiting it.

Log4j is an Apache library that helps software producers keep track of changes in the applications they create. It is so popular and embedded in so many company programs that security experts predict hackers will exploit the vulnerability without restraint.

“Apache Log4j’s remote code execution vulnerability is the biggest and most critical in the last decade,” said Amit Yoran, chief executive of Tenable, a computer network security company, and founder of the Computer Emergency Preparedness Team of the United States.

The US government on Friday sent a warning to the private sector about the flaw and the risk it poses.

The software affected by Log4j may be unknown to the general public, but as with software from SolarWinds, which was at the center of a widespread Russian spy campaign last year, the pervasive presence of such programs makes them ideal vehicles for digital attacks.

Juan Andres Guerrero-Saade, cybersecurity researcher at SentinelOne, called the problem “one of those nightmarish vulnerabilities that you have virtually no way to prepare for.”

Although a partial fix for the vulnerability was released on Friday by Apache, the non-profit foundation responsible for Log4j, computer security experts say it will take time to locate the vulnerable software and apply the fixes.

In practice, the flaw in Log4j allows a hacker to insert active code into the logging process. This code then tells the server that hosts the software to execute a command that gives the hacker control of the machine.

The problem was first revealed by a security researcher working at Chinese e-commerce company Alibaba Group Holding, Apache said in a statement.

So far, no major incidents have been publicly reported as a result of the vulnerability, but security researchers are seeing an alarming increase in the activity of hacker groups trying to exploit the problem for espionage.

What many experts now fear is that the flaw could be used to transmit malware that either destroys data or hijacks it, as happened to US pipeline company Colonial Pipeline in May, which led to gas shortages in some regions of the US.

Guerrero-Saade said his company has seen Chinese hacker groups working to take advantage of the vulnerability.
