Hackers from four countries began attacking systems around the world
Log4j is based on the Java programming language and is used by large organizations to configure their applications. Its purpose is to log activity, and the resulting records are used to resolve errors, track data, and perform in-depth analysis. Because the program is free and companies can modify it to suit their own needs, it is present almost everywhere on the Internet.
The list of companies that use it includes Apple, IBM, Oracle, Cisco, Google, Amazon and many others - almost all major technology companies have it at some level of their business, which raises fears that millions of servers could be vulnerable to intrusion by malicious hackers.
Through the discovered security flaw, hackers could theoretically gain access to a company's servers, from where they could extend their access to other parts of the network. According to security company Cloudflare, the first hacker attacks exploiting this vulnerability began about a week before it was disclosed to the public.
Microsoft security experts have uncovered a number of hacker groups that have begun experimenting with exploiting the discovered vulnerability in recent days. The Iranian group, for example, has been known in the past for so-called "ransomware" attacks: it would break into systems, "capture" data, and demand a ransom from the owners before they could regain access to their systems and data.
A Chinese group that began exploiting the vulnerability in Log4j earlier this year attacked Microsoft Exchange servers, which many companies and organizations around the world use for their business correspondence and day-to-day operations.
Security experts fear an attack that may go unnoticed. State-sponsored hackers, as well as private hackers looking for quick profits, could try to secure a "back door" into a large number of servers and systems before companies patch their security vulnerabilities.
The consequences of this vulnerability, even if it is quickly removed from all systems, could be felt for months or even years, as individual hacker groups could retain access to the systems they have broken into. Criminal hackers could safely choose, one by one, which systems to hold hostage, while the danger from state hackers is much greater: breached systems could be used for industrial and state espionage for a long time, as long as the intrusion remains undetected.