All stakeholders in the technological field should take preventative measures to protect themselves from the new “Log4j” malware breach, Lotem Finkelstein, director of Research and Intelligence at Israeli tech company Check Point, said on Monday.
“Over the weekend, a weakness was discovered in one of the most popular software beliefs in documenting the activity of Internet service users,” explained Finkelstein. “The unfamiliar ‘Log4j’ software is embedded in almost every web service or app we are familiar with, including Twitter, Amazon, Microsoft and more.”
Among the Log4j breaches identified was the infiltration of Indian Prime Minister Narendra Modi's Twitter account on Sunday, according to a statement from his office.
The Log4j issue is actually a coding bug in the open-source logging software known as “Log4j,” which is among the most widely used and popular in the world. Attacks exploiting the bug are known as “Log4Shell” attacks – attacks where a string of data is added into a log for the purpose of infiltrating or damaging a program or software – and have grown in prevalence. The security flaw poses a “severe risk” to the Internet, according to Jen Easterly, director of the US Cybersecurity and Infrastructure Security Agency.
“Log4Shell” attacks work by tricking the Log4j program on a specific app into storing a log entry that includes a particular string of text. The string chosen by the attacker causes the program to store the command and, in turn, to begin running malicious code. The popular online game Minecraft was breached simply by writing the string into chat boxes.
In the case of Minecraft, attackers were able to get remote code execution on Minecraft Servers by simply pasting a short message into the chat box. — Marcus Hutchins (@MalwareTechBlog), December 10, 2021
“In just 12 hours since the firewall was installed, Check Point saw more than 40,000 attempts to take advantage of this weakness - and it will only expand in the coming days unless you defend yourself,” Finkelstein continued.
The glitch was only recognized late last month by a security researcher at Chinese computing firm Alibaba Cloud, who immediately reported the problem to the Apache Software Foundation, the American nonprofit organization that oversees hundreds of open source projects – including Log4j. Researchers at Apache Logging Services, who are the originators of Log4j, are scrambling to update it to version 2.15.0, which mostly fixes the issue.
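For administrators who need to find which deployments still predate version 2.15.0, the following inventory check is an added example, not code from Check Point or the Apache project. It assumes each jar was built with Maven and still carries the standard `pom.properties` metadata entry, which also lets it catch renamed or shaded jars. Jars nested inside WAR or EAR archives are not unpacked.

```python
import re
import sys
import zipfile
from pathlib import Path

FIXED = (2, 15, 0)  # release the article names as mostly fixing the issue

# Assumption: Maven-built jars keep this metadata entry for log4j-core.
POM = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"


def version_tuple(text):
    """Turn '2.14.1' or '2.0-beta9' into a comparable (major, minor, patch)."""
    nums = re.findall(r"\d+", text.split("-")[0])
    return tuple(int(n) for n in (nums + ["0", "0"])[:3])


def log4j_core_version(jar_path):
    """Return the log4j-core version recorded inside a jar, or None."""
    try:
        with zipfile.ZipFile(jar_path) as jar:
            if POM not in jar.namelist():
                return None
            props = jar.read(POM).decode("utf-8", "replace")
    except (zipfile.BadZipFile, OSError):
        return None  # unreadable or not a real archive: nothing to report
    match = re.search(r"^version=(.+)$", props, re.MULTILINE)
    return match.group(1).strip() if match else None


def find_outdated(root):
    """List (path, version) for every .jar under root older than FIXED."""
    hits = []
    for path in Path(root).rglob("*.jar"):
        if not path.is_file():
            continue
        version = log4j_core_version(path)
        if version and version_tuple(version) < FIXED:
            hits.append((str(path), version))
    return sorted(hits)


if __name__ == "__main__":
    for path, version in find_outdated(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{version}\t{path}")
```

Run it with the directory to scan as its only argument; each output line is an outdated version followed by the path of the jar that contains it.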
“We urge any organization or service that has not taken defensive measures against this attack, to do so now and protect the information and assets in its possession,” Finkelstein concluded.
Check Point is an Israeli multinational provider of IT security solutions – such as network security, endpoint security, cloud security, mobile security, data security and security management. Headquartered in Tel Aviv, it has offices in over 70 cities around the globe and employs over 5,000 people, according to its website.