
Still exposed after 2 years: hackers launch a new Trojan horse aimed at users who have not fixed the Log4j vulnerability

2025-04-06 Update From: SLTechnology News&Howtos


Shulou(Shulou.com)12/24 Report--

CTOnews.com, December 12: Readers may remember the Log4j (Log4Shell) vulnerability from 2 years ago. It came from the Java logging tool Apache Log4j, allowed hackers to execute code remotely, and carried the maximum CVSS risk score. At that time, many open source frameworks and even many Internet companies used the logging tool, which led to a wave of vendors urgently releasing fixes and urging users to update.

▲ The vulnerability notice published in the GitHub Advisory Database at that time

The security company Veracode speculated at the time that at least 90% of the devices of enterprises on the market had Log4j vulnerabilities, and the U.S. Department of Homeland Security assessed that the vulnerabilities "may take 10 years to be fully fixed."

Today, two years later, Veracode revealed that hackers had developed a series of new Trojans aimed at devices that had not yet fixed Log4j vulnerabilities.

CTOnews.com learned that these new Trojans, named NineRAT and DLRAT, first appeared in May 2023. Hackers used these Trojans to attack a number of financial, media and medical institutions, and achieved some "phased results."

▲ Hackers put "new wine in old bottles", exploiting Log4j vulnerabilities to develop new Trojans that execute code remotely

Security company Veracode says it conducted a survey from August 15 to November 15 this year. The results show that at least 38% of devices still use vulnerable Apache Log4j versions, and hackers can break into these devices very easily with existing techniques, with no barrier to entry. Security companies urge users to deploy versions that fix the vulnerabilities in a timely manner:

2.8% of devices use vulnerable Apache Log4j versions (Log4j2 2.0-beta9 to 2.15.0)

3.8% of devices use Apache Log4j2 2.17.0. Although this version fixes the Log4j vulnerability, it has a serious RCE vulnerability, "CVE-2021-44832".

32% of devices use Log4j2 1.2.x, which ended its life cycle in August 2015 and has at least seven serious vulnerabilities.
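The three groups above can be turned into an inventory check. The following is an added example, not code from Veracode or the original article; the Maven-style jar names, the function names and the sample paths are assumptions, and the version ranges are taken exactly as the article lists them.

```python
import os
import re

# Assumed Maven-style jar names: log4j-core-<ver>.jar (2.x), log4j-<ver>.jar (1.2.x).
JAR_RE = re.compile(r"log4j(?:-core)?-(\d[0-9A-Za-z.\-]*)\.jar")
VER_RE = re.compile(r"(\d+)\.(\d+)(?:\.(\d+))?(?:-(alpha|beta|rc)(\d+))?", re.I)
STAGE = {"alpha": 0, "beta": 1, "rc": 2, None: 3}  # a final release sorts last

def parse_version(text):
    """Return a sortable tuple, e.g. '2.0-beta9' -> (2, 0, 0, 1, 9); None if unparsable."""
    m = VER_RE.fullmatch(text)
    if not m:
        return None
    major, minor, patch, stage, n = m.groups()
    return (int(major), int(minor), int(patch or 0),
            STAGE[stage.lower() if stage else None], int(n or 0))

LOW, HIGH = parse_version("2.0-beta9"), parse_version("2.15.0")

def classify(version):
    """Map a Log4j version string to one of the article's three groups."""
    v = parse_version(version)
    if v is None:
        return "unparsed"
    if v[:2] == (1, 2):
        return "1.2.x: end of life since August 2015"
    if LOW <= v <= HIGH:
        return "2.0-beta9 to 2.15.0: vulnerable version range"
    if v == parse_version("2.17.0"):
        return "2.17.0: affected by CVE-2021-44832"
    return "outside the article's listed ranges"

def scan(paths):
    """Classify every Log4j jar found in an iterable of file paths."""
    found = {}
    for path in paths:
        m = JAR_RE.fullmatch(os.path.basename(path))
        if m:
            found[path] = classify(m.group(1))
    return found

if __name__ == "__main__":
    # Constructed sample inventory, not data from the survey.
    sample = ["/opt/app/lib/log4j-core-2.14.1.jar", "/opt/app/lib/log4j-core-2.17.0.jar",
              "/srv/legacy/WEB-INF/lib/log4j-1.2.17.jar", "/opt/app/lib/log4j-api-2.14.1.jar"]
    for path, group in scan(sample).items():
        print(f"{path}: {group}")
```

A result of "outside the article's listed ranges" only means the version is not in one of the three groups; it says nothing about other advisories.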

▲ Image source: security company Veracode
