Security News > 2021 > December > Relentless Log4j Attacks Include State Actors, Possible Worm

"Our reports of the last 48 hours prove that both criminal-hacking groups and nation state actors are engaged in the exploration of this vulnerability, and we should all assume more such actors' operations are to be revealed in the coming days," Check Point added.

Log4J based on what I've seen, there is evidence that a worm will be developed for this in the next 24 to 48 hours.

"While it's possible that we could see a worm developed to spread among susceptible Log4j devices, there hasn't been any evidence to suggest this is a priority for threat actors at this time," Chris Morgan, senior cyber threat intelligence analyst at Digital Shadows, told Threatpost.

"While many threat actors will likely be at different stages of the kill chain, most actors will likely still be scanning for susceptible systems, attempting to establish a foothold, and identifying further opportunities, depending on their motivations. Efforts among actors at this stage are rushing to exploit before companies have a chance to patch, rather than spending time developing a worm."

The emergence of a Log4j worm isn't the worst-case scenario, researchers like Yaniv Balmas from Salt Security explained to Threatpost.

"Everyone with a basic computer and internet access could launch an attack against millions of online services within minutes. This achieves quite a similar impact as a worm - it is distributed and unpredictable, and the damage extent might even be higher than a worm since a worm works 'blindly' in an automated manner."

News URL

https://threatpost.com/log4j-attacks-state-actors-worm/177088/