Dec 29, 2021 - Technology

Attackers in China using open-source Log4j flaw

Ina Fried

An illustration of a cursor hand blocking a glass with cracks and water leaking through — Illustration: Annelise Capossela/Axios

A group of Chinese attackers has been using the massive vulnerability in Log4j, a common piece of open-source code, to target a large academic institution, Crowdstrike says.

Why it matters: Experts say hundreds of millions of systems are vulnerable and that attacks based on the flaw are continuing.

The latest: CrowdStrike said its software observed an attack that exploited the Log4j flaw in software from VMware.

The attack came from a China-based group dubbed Aquatic Panda that has been conducting intelligence gathering and industrial espionage, CrowdStrike said.

The big picture: Some security experts, including Cybersecurity and Infrastructure Security Agency (CISA) head Jen Easterly, have called the flaw among the worst they have ever seen.

Experts have told Axios the Log4j flaw is especially pernicious because the open source software is widely used within business software and networking gear — often without companies even knowing it is being used. On top of that, the flaw is easily exploited and can provide extensive access.

Be smart: CISA is maintaining a list of known affected products here.

Go deeper:

Add Axios on Google

Attackers in China using open-source Log4j flaw

What to read next