Attackers Use Log4Shell to Hack Unpatched VMware Products

A joint advisory from the Cybersecurity and Infrastructure Security Agency and the Coast Guard Cyber Command says advanced persistent threat actors are using the exploit to hack into unpatched VMware virtual desktop software.

Security researchers set off a firestorm late last year when they discovered a zero-day vulnerability in a popular open-source Java data-logging framework present in hundreds of millions of devices. A patch released by the Apache Software Foundation in December set off a global race between systems administrators and hackers – a sprint that some organizations, dangerously, have yet to complete (see: Serious Log4j Security Flaw: Race Underway to Discern Scope).

Multiple threat actors intent on taking advantage of this moment are using Log4Shell to penetrate unpatched VMware Horizon Systems and Unified Access Gateway products, the advisory says. Some load malware with embedded executables that establish a remote connection with a command-and-control server.

Attackers in one confirmed compromise detailed by the government advisory were able to gain entry into a sensitive network via a vulnerable instance of VMware Horizon and exfiltrate sensitive law enforcement data.
