Iranian hacker group targets Israelis in 'Log4j' exploit attack

A series of Log4j attacks were blocked by Check Point, which witnessed communications between a server used by an Iranian group and the targets in Israel.

VISUAL DEPICTION OF A HACKER (photo credit: VIA WIKIMEDIA COMMONS)
VISUAL DEPICTION OF A HACKER
(photo credit: VIA WIKIMEDIA COMMONS)

There have been more than 1,800,000 attempts to exploit the “Log4j” vulnerability since Friday, according to cybersecurity provider Check Point. Most recently, the vulnerability has been used against seven targets in Israel within the government and business sector by Iranian hacking group “Charming Kitten” or APT 35.

The exploit – a coding bug borne out of the open-source software logging system known as Log4j – is among the most widely-used and popular in the world. Attacks add a string of data into a log in order to infiltrate or damage a program or software, and they have grown in prevalence. The security flaw poses a “severe risk” to the Internet, according to the director of the US Cybersecurity and Infrastructure Security Agency Jen Easterly.

The attacks were blocked by Check Point, which witnessed communications between a server used by this group and the targets in Israel. The attack took place within a 10-hour period. According to Check Point, there is no evidence that the group has targeted anyone outside of Israel.

“We will continue to investigate attacks related to Log4j,” Check Point said in a report of the incidents. “Our reports of the last 48 hours prove that both criminal hacking groups and nation-state actors are engaged in the exploration of this vulnerability, and we should all assume more such actors’ operations are to be revealed in the coming days.”

 Hacker (illustrative) (credit: PXFUEL) Hacker (illustrative) (credit: PXFUEL)