Hackers Backed by China Seen Exploiting Security Flaw in Internet Software

Hackers linked to China and other governments are among a growing assortment of cyberattackers seeking to exploit a widespread and severe vulnerability in computer server software, according to cybersecurity firms and Microsoft. From a report: The involvement of hackers whom analysts have linked to nation-states underscored the increasing gravity of the flaw in Log4j software, a free bit of code that logs activity in computer networks and applications. Cybersecurity researchers say it is one of the most dire cybersecurity threats to emerge in years and could enable devastating attacks, including ransomware, in both the immediate and distant future. Government-sponsored hackers are often among the best-resourced and most capable, analysts say.

"The effects of this vulnerability will reverberate for months to come -- maybe even years -- as we try to close these doors and try to hunt down all the actors who made their way in," said John Hultquist, vice president of intelligence analysis at the U.S.-based cybersecurity firm Mandiant. Both Microsoft and Mandiant said they have observed hacking groups linked to China and Iran launching attacks that exploit the flaw in Log4j. In an update to its website posted late Wednesday, Microsoft said that it had also seen nation-backed hackers from North Korea and Turkey using the attack. Some attackers appear to be experimenting with the attack; others are trying to use it to break into online targets, Microsoft said.

Doesn't help when the fix is broken

[nagora]

https://nvd.nist.gov/vuln/deta... [nist.gov]

Did you enjoy your two days of feeling secure?

Re:

[jellomizer]

Do you ever feel secure?
If so you are probably the one getting hacked.

Early on people though if they had Linux compared to Windows, they were just that much more secure.
Even if they had setup their Linux distribution with all services (including telnet) and no Root password.

The endless fun you can have causing the CD Tray to open and close, or play random noises out of the video card.

Then the guy goes and buys more equipment to replace all the broken stuff, because he couldn't consider that his Linux envrio

Re:

[Anonymous Coward]

Do you ever feel secure?

Of course. I write everything in Java, so obviously I can't make code that will suffer from memory leaks, stack smashing, zombie pointers to deallocated memory, etc. Therefore, everything is secure and impenetrable.

Most secure election in history!

Re:

[quenda]

Even if they had setup their Linux distribution with ... no Root password.

That is just normal these days. You only have passwords for human users.

Re:Doesn't help when the fix is broken

[Hentes]

It's just a logging library, it's not doing anything important. Just turn it off instead of waiting for a patch.

"backed by", "linked to"

[VeryFluffyBunny]

Those don't seem to be supportable conclusions. Did they manage to trace the IP address to somewhere in China? Did they find Chinese text somewhere? The Log4j flaw's likely to be exploited by pretty much every hacker around the world. Why single out China? Is this part of the USA's hostilities towards China? Are they working their way towards another Iraq-style conflict based on flawed &/or non-existent evidence with China?

Re:

[IdanceNmyCar]

Dui.

There you go again, asking for facts

[Anonymous Coward]

"Hackers" already means "what follows is mostly tosh".

So what we have is a word-salad full of scare-words without hard information. This is par for the course for this game. But then, the point never was to inform you, or anyone, at all. In that sense of wilfully failing to tell you anything new, this is "fake" news.

Re: There you go again, asking for facts

[IdanceNmyCar]

ShiDe.

Re:

[nickmejack]

Reviewing your comments together, you look to be a bot or a paid commenter to support China. You copy and paste the same kinds of comments over and over and they fairly uniformly support China or are against the US. You disclaim you don't work for Hill & Knowlton but do you in fact work for someone paying you for these comments. I am not innocent nor do i believe everything the US supports or does is good, but if you are paid for this kind of work... maybe lead with that rather than run a silent propa

Re:

[AltMachine]

He's probably at risk of having his organs harvested...

Organ harvested! Oh, horrible! That must be worse than taking babies out of incubator. I should be very afraid if I have an uterus [theguardian.com].

You should be very afraid too, because your brain has been washed cleanly.

Re:

[phantomfive]

They are known as "little pink" and they are not paid for writing that kind of thing: https://en.wikipedia.org/wiki/... [wikipedia.org]
They are admired in China for defending their country.
They are not admired in Taiwan. There's a song about them: https://www.youtube.com/watch?... [youtube.com]

Re:

[VeryFluffyBunny]

Yeah, because taking a non-national, non-partisan, non-ideological stance on a topic in the media makes someone a shill, right? You're either for us or against us, right? Well, I never had that much patience for fascism. Western media & politicians are bullshitting non-stop about China. The Chinese govt are no saints - the do plenty of despicable things, but those pail into insignificance next to the USA's track record. Read a bit of history.

Re:

[Bloozguy]

And even if "linked to" that is in no way "backed by" It is willful propaganda. I am sure there is many a hacker "linked to" the U.S.

Re:

[znrt]

why waste a juicy opportunity to smear china? it's all over the place, has been a recurrent narrative by u.s. tech/business news for years now.

Re:"backed by", "linked to"

[mrobinso]

They didn't single out China.

They mentioned "Hackers linked to China and other governments", and went on to mention "they have observed hacking groups linked to China and Iran" and further on mentioned North Korea and Turkey. These are their "observations", not their "conjectures" or "speculation".

The countries they mentioned are among the most despotic in the world, famous for not only this type of deplorable activity but also for some of the most serious and chronic human rights violations in the history of this planet, including ethnic cleansing resulting in thousands of deaths.

Should these countries be mentioned by name? Damn straight.
Should China have been mentioned? Oh hell yes.
Despite not being singled out, should/could they have been singled out? Absolutely.

Re:

[Admiral Krunch]

They didn't single out China.

They mentioned "Hackers linked to China and other governments"

The headline singled out China.
It's just a fact.

Hackers linked to China and other governments are among a growing assortment of cyberattackers seeking to exploit a widespread and severe vulnerability in computer server software, according to cybersecurity firms and Microsoft. From a report:

The summary also singled out China.

Only at the bottom did they mention Iran, North Korea and Turkey.
Single out China for the main thrust, and then in the footnote link them to some other 'bad guy' countries as well.

Re:

[VeryFluffyBunny]

As far as I can tell, China's greatest 'crime' was gaining its independence from British & American colonialism. They've been demonised & insulted by western media & governments as the 'yellow peril' ever since. The human rights 'attrocities' frequently mentioned in US media are usually about the Uyghur population in north-west China. To put it into perspective, there's a strong Mujahadeen style fundamentalist Islamic separatist movement there. Is the Chinese govt being heavy-handed in dealing w

Re:

[phantomfive]

Microsoft didn't present evidence supporting their claim. The article further goes on:

"[Other] security researchers have seen no signs to date, however, that China or another nation-state hacking group is attempting widespread exploitation of the Log4j issue on the same scale as the Microsoft Exchange attacks, which infected hundreds of thousands of servers across the globe."

Many reasons

[Gabest]

There are a lot more Chinese, and they don't have to be afraid of a swat team suddenly kicking their door down.

You are responsible for everything that you put on the internet. If it gets stolen, hacked, it's your own fault. You can't blame anonymous like a clown because nothing will happen.

Re:

[jellomizer]

There is a lot of blame to go around.
Individual responsibility to take adequate steps to keep their data safe.
Companies to provide tools that can give individuals the ability to take those adequate steps
Academics who need to be open about changes and new discoveries to allow new tools to adapt.
Governments who need to support its citizens in their attempt to secure themselves, as well be a strong force against other governments who are allowing this.
 

Re:

[fermion]

Nation states better be using these tools to protect security. If the US is not at the forefront then we are the losers in the basement. Intelligence gathering is critical to insure to plan adequate defense. And hacking, as shown in the destruction the centrifuges used to refine nuclear material.

correct link

[DeBaas]

Correct link : https://www.wsj.com/articles/h... [wsj.com] . Seems an extra = character ended up in the link

Everyone's attacking Everything

[Hari Pota]

This ARSechnica post from december 7 tells about Microsoft taking over the Nickel servers.
https://arstechnica.com/inform... [arstechnica.com]

Re: spreading FUD

[IdanceNmyCar]

They ching'Ed the change, duh. Just like when Russia does it, you smell the Vodka. Do you even internet?

Re: spreading FUD

[IdanceNmyCar]

lol... Ching'ed the chongs. Owned by auto correct.

Missing some details

[peterww]

They forgot to mention how the USG's hackers are using the same exploits on their targets. Or does it not count when we're doing the hacking?

Enough with the cyber bollix ..

[terrorubic]

Log4j bug discovered on November 24, 2021 and fixed on December 6, 2021 ref [wikipedia.org]