Hackers Exploit Log4j Vulnerability to Infect Computers with Khonsari Ransomware
Dec 14, 2021
Romanian cybersecurity technology company Bitdefender on Monday revealed that attempts are being made to target Windows machines with a novel ransomware family called Khonsari as well as a remote access Trojan named Orcus by exploiting the recently disclosed critical Log4j vulnerability . The attack leverages the remote code execution (RCE) flaw to download an additional payload, a .NET binary, from a remote server that encrypts all the files with the extension ".khonsari" and displays a ransom note that urges the victims to make a Bitcoin payment in exchange for recovering access to the files. Tracked as CVE-2021-44228 , the RCE vulnerability is also known by the monikers "Log4Shell" or "Logjam" and impacts versions 2.0-beta9 to 2.14.1 of the software library. In simple terms, the bug could force an affected system to download malicious software, giving the attackers a digital beachhead on servers located within corporate networks. Log4j is an op...
