More than 840,000 attacks have been launched trying to take advantage of the Log4J flaw

We recently commented on the Log4J flaw, and in this post we would like to share information released by researchers, who say that hackers, including groups backed by the Chinese state but also by Russia, have launched more than 840,000 attacks against companies around the world since last Friday by exploiting this vulnerability.

The cybersecurity group Check Point said that attacks related to the vulnerability had accelerated in the 72 hours since Friday, and that at times its researchers were seeing more than 100 attacks per minute.

The vendor also noted great creativity in how the attack is being adapted. At times more than 60 new variations appear in less than 24 hours, introducing new obfuscation or encoding techniques.

"Chinese government attackers" are said to be among them, according to Charles Carmakal, chief technology officer at the cyber company Mandiant.

The Log4J flaw allows attackers to take remote control of computers running Java applications.

Jen Easterly, director of the United States Cybersecurity and Infrastructure Security Agency (CISA), told industry executives that the vulnerability was "one of the most serious I've seen in my entire career, if not the most serious," according to American media. Hundreds of millions of devices are likely to be affected, she said.

Check Point said that in many cases the criminals take over computers and use them to mine cryptocurrencies or make them part of botnets, large networks of computers that can be used to overwhelm website traffic, send spam, or for other purposes.

For Kaspersky, most of the attacks come from Russia.

CISA and the UK's National Cyber Security Centre have issued alerts urging organizations to apply updates related to the Log4J vulnerability, as experts try to assess the consequences.

Amazon, Apple, IBM, Microsoft and Cisco are among those rushing to roll out fixes, but no serious breaches have been publicly reported so far.

The vulnerability is the latest to affect corporate networks, after vulnerabilities emerged over the past year in commonly used software from Microsoft and the IT company SolarWinds. Both weaknesses were reportedly first exploited by state-backed espionage groups from China and Russia, respectively.

Mandiant's Carmakal said that Chinese state-backed actors are trying to exploit the Log4J bug, but declined to share further details. SentinelOne researchers also told the media that they had observed Chinese hackers taking advantage of the vulnerability.

CERT-FR recommends a thorough analysis of network logs. The following patterns can be used to identify an attempt to exploit this vulnerability when it is used in URLs or certain HTTP headers such as the user agent.

It is strongly recommended to move to log4j version 2.15.0 as soon as possible. However, if migrating to this version is difficult, the following workarounds can be applied temporarily:
For applications that use versions 2.7.0 and later of the log4j library, it is possible to protect against any attack by modifying the format of the events to be logged, using the syntax %m{nolookups} for data that would be supplied by the user.
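One way to find the layouts that still need the %m{nolookups} change described above, as an added example that is not code from the article or from the Log4j project. The function names `harden_pattern` and `audit_config` are hypothetical, the sample configuration is constructed, and the regular expression is a simplified reading of the PatternLayout syntax.

```python
import re
import xml.etree.ElementTree as ET

# Message converters in a Log4j 2 PatternLayout: %m, %msg, %message, with an
# optional width modifier (%-20m) and zero or more {option} groups.
# The lookahead keeps %marker, %mdc and %map from being read as %m.
MSG = re.compile(r"(?<!%)%(-?\d*(?:\.-?\d+)?)(message|msg|m)(?![A-Za-z])((?:\{[^}]*\})*)")

def harden_pattern(pattern):
    """Return the pattern with {nolookups} added to every message converter."""
    def fix(match):
        modifier, name, options = match.groups()
        if "{nolookups}" in options.lower():
            return match.group(0)  # already carries the option
        return f"%{modifier}{name}{{nolookups}}{options}"
    return MSG.sub(fix, pattern)

def audit_config(xml_text):
    """List (appender, pattern, hardened) for each layout that needs the change."""
    findings = []
    root = ET.fromstring(xml_text)
    for appender in root.iter():
        for layout in appender.findall("PatternLayout"):
            pattern = layout.get("pattern")
            if pattern is None:  # nested <Pattern> element form
                pattern = layout.findtext("Pattern", default="")
            hardened = harden_pattern(pattern)
            if hardened != pattern:
                findings.append((appender.get("name"), pattern, hardened))
    return findings

# Constructed sample configuration (not from the article).
SAMPLE = """<Configuration>
  <Appenders>
    <Console name="stdout">
      <PatternLayout pattern="%d %-5p [%marker] %c - %msg%n"/>
    </Console>
    <File name="audit" fileName="audit.log">
      <PatternLayout><Pattern>%d %m{nolookups}%n</Pattern></PatternLayout>
    </File>
    <File name="app" fileName="app.log">
      <PatternLayout pattern="%d %X{user} %-40.80m{ansi}%n"/>
    </File>
  </Appenders>
</Configuration>"""

if __name__ == "__main__":
    for name, before, after in audit_config(SAMPLE):
        print(f"{name}: {before!r} -> {after!r}")
```

The article presents this as a temporary measure; moving to the fixed version remains the recommended path.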

Nearly half of all attacks have been carried out by known cyber attackers, according to Check Point. These include groups using Tsunami and Mirai, malware that turns devices into botnets, or networks used to launch remotely controlled attacks, such as denial-of-service attacks. It also included groups using XMRig, software that mines the Monero digital currency.

"With this vulnerability, attackers gain almost unlimited power: they can extract sensitive data, upload files to the server, delete data, install ransomware or pivot to other servers," said Nicholas Sciberras, head of engineering at Acunetix, a vulnerability scanner. It was "surprisingly easy" to launch an attack, he said, adding that the flaw "will be exploited in the next few months."

