Chinese Hackers Spark Chaos on the Web
Tech experts are on high alert after the most severe threat they have seen in decades surfaced from a new, simple tactic used by Chinese hackers. The truth is, this dark web exploit is not even malware or anything like that. The dark web hackers have begun to exploit a software program so vulnerable it’s considered a literal ‘weapon’. According to Amit Yoran, founder of the US Computer Emergency Readiness Team and CEO of network security firm Tenable, the Apache Log4j Remote Code Execution Vulnerability is the most devastating vulnerability of the last decade.
The flaw came to light earlier this month in a program called Log4j, which allows programs to communicate with each other across computer networks. By exploiting the bug, which has been dubbed ‘Log4Shell’, dark web hackers can hijack servers that run any network and repurpose them for their own objectives.
This might include raiding company databases for bank account information, or stealing medical records, photos and other highly sensitive data. In addition, the dark web hack can involve encrypting servers and extorting companies in ransomware attacks.
Above all, most ordinary users have no way of knowing their data has been stolen through the Log4Shell bug, and if they do, there’s little they can do to prevent it. This is just one of those instances where you have to pray to the net gods in hopes this crippling form of dark web hack is resolved super fast.
So far, data seems accessible to this hack only if it is stored on a server that uses an API which includes Log4j. An API is an ‘application programming interface,’ which is essentially an invisible log that lets computer networks work. Therefore, photos that have never been uploaded to the internet should be safe, though many phones do automatically back up images to the internet without users’ knowledge.
Because Log4j is open source, meaning it can be accessed freely and used by network engineers, many companies have no idea their systems were built with it and probably won’t until it’s too late.
Thousands of businesses are estimated to be affected by this newly released dark web hack. Right now, hackers are scouring the net for possible targets. Check Point, a prominent security firm, claims that 37% of the UK’s corporate networks have already been the target of attempted exploitation of this new vulnerability.
Some of the tech giants of the world, like Google, IBM and Microsoft, and government agencies such as the United States’ Cybersecurity and Infrastructure Security Agency (CISA), have already discovered vulnerabilities in their servers. Some companies have issued guidelines to tackle this new dark web threat. Websites were cautioned to update their software to the latest version of Log4j. Log4j was created by Apache, which has since released a patch to counter the vulnerability.
Mandiant and Crowdstrike, both based in the United States, confirmed that sophisticated dark web hacking groups are using the issue to breach their targets. Mandiant labelled the dark web hackers as Chinese government operatives in an email to the Reuters News Agency.
Juan Andres Guerrero-Saade, chief threat researcher at cybersecurity firm SentinelOne, agrees that this is ‘one of those terrible vulnerabilities that there’s pretty much no way to prepare for.’ His company has already witnessed Chinese hacker gangs move in to exploit the flaw.
According to Lotem Finkelstein, Director of Threat Intelligence and Research at Check Point Software, the Log4j flaw resulted in over 100 hacks per minute at one point. It is spreading like wildfire; you could consider it a cyber pandemic: highly contagious, spreading rapidly and with multiple variants, which open up more ways to attack vulnerable targets.