Why Log4j Is Still The Problem When The Patch Is Released 6 Months Ago?

Log4j was one of the most widespread vulnerabilities of all time – however, 6 months after a patch arrived, the problem has not disappeared. Fresh data from Darktrace competitor ExtraHop, shows that cybercriminals are continually scanning for Log4j vulnerabilities.

The network detection and response (NDR) player tracked scan attempts for the Log4j vulnerabilities month by month, showing the volume of attempts by cybercriminals to take advantage of this widespread vulnerability:

  • December 2021: 20,000 scans
  • January 2022: 34,000 scans
  • February 2022: 128,000 scans
  • March 2022: 147,000 scans
  • April 2022: 159,000 scans
  • May 2022: 20,000 scans
Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Jamie Moles
Jamie Moles , Senior Technical Manager
InfoSec Expert
June 14, 2022 1:06 pm

The Log4j exploit has become a standard item in vulnerability scanners and in the toolkits of hackers. It’s even “built-in” to a number of botnets. The massive drop may be due to law enforcement’s shut down of botnet networks but we’ll see continuous scanning for vulnerable systems for a long time now as criminals take advantage of their automated tools to target low hanging fruit.

Last edited 5 months ago by Jamie Moles
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x