Biggest Internet Gamers Hit By Critical Log4Shell Day 0


Biggest Internet Gamers Hit By Critical Log4Shell Day 0

The list of services with internet-facing infrastructure that is vulnerable to a critical zero-day vulnerability in the open source logging utility Log4j is immense and reads like a who’s who of the biggest names on the internet, including Apple, Amazon. , Cloudflare, Steam. , Tesla, Twitter and Baidu.

The vulnerability, now called Log4Shell, came to light Thursday afternoon, when several Minecraft News sites and services warned of the active circulation of attack code that exploits the vulnerability to run malicious code on servers and clients running the world’s best-selling game. Soon, it became clear that Minecraft it was just one of thousands of reputable services that can be brought down by similar attacks.

TO collection of screenshots published documents online on how some of the world’s most popular and trusted cloud-based services react when fed into the parameters used in the attack. This is:

The images use a domain name system leak detection service called dnslog.cn to see if the target cloud service is doing a DNS lookup. Each image shows that the service is accepting connections from an attacker-controlled machine (as evidenced by the IP connection log).

“Typically typing something in a username box should never make external network connections, so doing so proves that Log4j is being used here and therefore the server may be vulnerable to attack by remote code execution “, Ars reader skizzerz explained in the comments below.

While the images show that the services respond unintentionally and potentially dangerous to user input, the services are not automatically vulnerable to the types of code execution attacks they compromised. Minecraft servers. This is because these services often have multiple layers of defense. If one layer fails, additional layers are often available to lessen or completely eliminate any actual damage.

Moreover, the images demonstrate that unauthorized people can exploit Log4Shell to access the servers of some of the most powerful corporations in the world in ways they never intended. When asked about access to Apple’s servers, Malwarebytes Mac Offering Director Thomas Reed said: “This is much worse than if individual devices were vulnerable, and I think it’s an open question at this point. exactly what kind of data the attackers are probably extracting from Apple services right now. ”Apple representatives did not respond to an email seeking comment.

Cloudflare, meanwhile, said in a post that it has taken steps to block attacks on its network and against its customers. Cloudflare Chief Security Officer Joe Sullivan said his team has been unable to reproduce the behavior shown in the image and does not recognize the IP addresses shown.

Minecraft released a fix on Friday.

The bottom line is that it is too early to say that these services are not vulnerable. For now, people should remain cautious and await guidance from affected providers.

Listing Image by Jeffrey Coolidge / Getty Images


arstechnica.com

Leave a Reply

Your email address will not be published. Required fields are marked *