The Impact of Log4Shell
April 21, 2022
Author: Eric Burdick
What is Log4j?
Log4j is part of Apache Logging Services and is used when developing software. Logging frameworks let users keep track of any sort of activity on a system. Log4j is the most common and popular logging framework among massive tech companies. Companies such as Steam and Apple use it as part of the skeleton of their frameworks.
The Log4Shell Exploit
Otherwise known as CVE-2021-44228, this was a zero-day vulnerability found in multiple versions of Apache Log4j. The vulnerability allowed attackers to remotely send code, without authenticating, that contained ransomware or gave them access to personal information. Massive organizations were often targeted so that malicious actors could take control of the network and steal valuable information.
Because Log4j is so widely used, many companies faced a record high in cyberattacks. One example is the popular game Minecraft. Most versions of Minecraft use Log4j in their code with the vulnerability intact. Because Minecraft constantly runs online servers, users could enter lines of code to gain access to the server and its clients. Other large companies such as Google, Microsoft, and Steam were also vulnerable to attackers. Logs can contain important information such as usernames and passwords.
Patching and Prevention
A patch was rushed out nearly a day later in an attempt to close this vulnerability. However, because the patch was pushed out so quickly, there were easy ways to work around it, and these took much more time to fully solve. A total of four patches were released that relate to the Log4Shell exploit. The big issue with these patches is that some users may be completely unaware of the ongoing issue and of what Log4j is. Users and companies that lack the updated versions of Log4j are still under fire from these attacks. The solution nowadays is to update to the most recent version, which lacks the Log4Shell exploit.
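Updating only helps if you know where Log4j is installed, so here is an added example (not from the original article or from the Log4j project) of an inventory check that finds log4j-core copies under a directory, including copies bundled inside WAR, EAR or fat JAR archives, and reports those older than a threshold. The function names are hypothetical, the threshold `min_fixed` must be taken by the caller from Apache's current security advisory, and the file names and 7.x/8.x version numbers in the sample are constructed placeholders.

```python
import io
import re
import tempfile
import zipfile
from pathlib import Path

# Maven metadata entry carried inside a normally built log4j-core jar.
POM = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
NAME_RE = re.compile(r"log4j-core-(\d+(?:\.\d+)*)[^/]*\.jar$")
ARCHIVES = (".jar", ".war", ".ear", ".zip")

def parse_version(text):
    return tuple(int(p) for p in text.split("."))  # compare numerically, not as text

def scan_archive(data, label, depth=0):
    """Yield (location, version) per log4j-core copy; metadata first, file name as fallback."""
    if not zipfile.is_zipfile(io.BytesIO(data)):  # e.g. a truncated or mislabelled file
        return
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = zf.namelist()
        props = zf.read(POM).decode("utf-8", "replace") if POM in names else ""
        m = re.search(r"^version=(\d+(?:\.\d+)*)", props, re.M) or NAME_RE.search(label)
        if m:
            yield label, parse_version(m.group(1))
        for n in names:
            if depth < 4 and n.lower().endswith(ARCHIVES):
                yield from scan_archive(zf.read(n), f"{label}!/{n}", depth + 1)

def find_outdated(root, min_fixed):
    """Return sorted (location, version) pairs older than the caller-supplied min_fixed."""
    limit = parse_version(min_fixed)
    files = [p for p in Path(root).rglob("*") if p.is_file() and p.suffix.lower() in ARCHIVES]
    return sorted((loc, ".".join(map(str, v))) for p in files
                  for loc, v in scan_archive(p.read_bytes(), p.relative_to(root).as_posix())
                  if v < limit)

def build_sample(root):  # constructed input; names and version numbers are made up
    def jar(version):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr(POM, f"version={version}\n")
        return buf.getvalue()
    Path(root, "logging-lib.jar").write_bytes(jar("8.1.0"))
    with zipfile.ZipFile(Path(root, "shop.war"), "w") as war:
        war.writestr("WEB-INF/lib/log4j-core-7.0.0.jar", jar("7.0.0"))

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(find_outdated(tmp, "8.0.0"))  # placeholder threshold, not a real release
```

A copy whose metadata was stripped and whose file was renamed will not be found this way, so treat an empty result as a starting point for the inventory, not proof of absence.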
Nowadays the issue has long since died down. Log4Shell will forever go down as a massive vulnerability, with many companies facing record-high cyberattacks. It shows that any piece of software in a system could have a vulnerability that has yet to be found.