The news could hardly be worse for those of us who use the internet daily, and above all for some of the largest companies that base their business and services on it. A vulnerability as extensive as it is dangerous has come to light, and it affects many aspects of the internet.
The vulnerability is known as Log4Shell and was discovered at the end of last week, when several Minecraft services and news sites detected the circulation of malicious code exploiting this zero-day vulnerability. It soon became clear that Minecraft was not the only target and that the vulnerability affects a large number of services.
As the images collected below show, tests were carried out against different cloud services: some of them, including very well-known ones such as Apple and Cloudflare, were queried using parameters similar to those used in the attacks on Minecraft services. The servers' responses were then monitored using the domain dnslog.cn, which reveals whether a cloud service performs a DNS lookup. That is exactly what the monitoring showed, a sign that the services were accepting connections from a machine controlled by the attacker last week.
As a rule, typing information into the fields reserved for the username and password should not allow any connection from external networks. That expectation does not hold here, precisely because of the Log4Shell vulnerability.
From a technical point of view, the vulnerability lies in Log4j, a Java-based logging package developed by the Apache Software Foundation. This package is used in the vast majority of cloud services, which is why so many providers have their data and that of their users at risk. The vulnerability is present in Log4j versions 2.0-beta-9 through 2.14.1 and has been fixed in version 2.15.0. To stay safe, however, all providers and suppliers will have to update Log4j to this latest version.
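The version range above can be turned into an inventory check. The following Python script is an added example, not code from the article or from the Log4j project; it assumes jars keep the `log4j-core-<version>.jar` file name, accepts both the `beta9` and `beta-9` spellings, and runs on a constructed list of paths.

```python
import re

# Range stated in the article: 2.0-beta-9 through 2.14.1 affected, 2.15.0 fixed.
FIRST_AFFECTED = "2.0-beta9"
LAST_AFFECTED = "2.14.1"

_JAR = re.compile(r"log4j-core-(\d[\w.\-]*?)\.jar$", re.IGNORECASE)  # assumed naming: log4j-core-<version>.jar
_VER = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:-(alpha|beta|rc)-?(\d+))?$", re.IGNORECASE)
_STAGE = {"alpha": 0, "beta": 1, "rc": 2, None: 3}  # a final release sorts after its pre-releases

def version_key(version):
    """Turn '2.0-beta9', '2.0-beta-9' or '2.14.1' into a sortable tuple; None if unparseable."""
    m = _VER.match(version.strip())
    if not m:
        return None
    major, minor, patch, stage, stage_no = m.groups()
    return (int(major), int(minor), int(patch or 0),
            _STAGE[stage.lower() if stage else None], int(stage_no or 0))

def classify(version):
    key = version_key(version)
    if key is None:
        return "unknown"  # needs manual review, never silently treated as fine
    if version_key(FIRST_AFFECTED) <= key <= version_key(LAST_AFFECTED):
        return "affected"
    return "outside-range"

def audit(paths):
    """Map each log4j-core jar path to (version, status); other files are skipped."""
    report = {}
    for path in paths:
        m = _JAR.search(path.replace("\\", "/"))
        if m:
            report[path] = (m.group(1), classify(m.group(1)))
    return report

# Constructed sample inventory (not from the article).
SAMPLE = [
    "/opt/app/lib/log4j-core-2.14.1.jar",
    "/opt/app/lib/log4j-core-2.15.0.jar",
    "/srv/legacy/WEB-INF/lib/log4j-core-2.0-beta9.jar",
    "/srv/legacy/WEB-INF/lib/log4j-core-2.0-beta8.jar",
    "/opt/tools/log4j-api-2.14.1.jar",
    "/opt/other/log4j-core-2.x-custom.jar",
]

if __name__ == "__main__":
    for path, (version, status) in audit(SAMPLE).items():
        print(f"{status:14} {version:12} {path}")
```

File-name matching does not find copies of Log4j that were renamed or bundled inside another archive, so an "outside-range" or empty result here is not proof that a host is unaffected.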
The consequences of exploiting this vulnerability are potentially catastrophic for users' personal information and for the servers of the large companies that are vulnerable. As explained by Thomas Reed, director of the Mac & Mobile division at Malwarebytes, the theft of Apple users' personal data may already have taken place or be currently in progress. The same is true of Apple's proprietary data stored on its infrastructure.
Clearly the problem does not concern only Apple and Minecraft, but all the services that rely on Log4j. These include Amazon, Steam, Tesla, Twitter, Baidu and Cloudflare. The latter has announced that it has implemented additional security protections by default for all its users, including those who have not subscribed to a paid plan. Minecraft also reported making fixes. It remains to be seen how effective and robust they are; we will update you as soon as news emerges.