Saturday, December 10, 2022

The Internet’s biggest players are all affected by critical Log4Shell 0-day

The list of services with Internet-facing infrastructure that is vulnerable to a critical zero-day vulnerability in the open source Log4j logging utility is immense and reads like a who’s who of the biggest names on the Internet, including Apple, Amazon, Cloudflare, Steam, Tesla, Twitter, and Baidu.

The vulnerability, now going by the name Log4Shell, came to light on Thursday afternoon, when several Minecraft services and news sites warned of actively circulating attack code that exploited the vulnerability to execute malicious code on servers and clients running the world’s bestselling game. Soon, it became clear that Minecraft was only one of likely thousands of big-name services that can be felled by similar attacks.

A compilation of screenshots posted online documents how some of the world’s most popular and trusted cloud-based services react when they are fed parameters used in the attack. To wit:

The images use a domain name system leak detection service called to see if the target cloud service is performing a DNS lookup. Each image shows that the service is accepting connections from an attacker-controlled machine (as evidenced by the IP connection log).

“Normally, typing something into a username box should never be making any external network connections, so the fact that it does proves that Log4j is being used here and therefore that the server may be vulnerable to the remote code execution attack,” Ars reader skizzerz explained in the comments below.
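The signal described above, an application server resolving a name it has no reason to resolve, can also be checked from the defender's side. The following is an added example, not part of the original article: it flags DNS lookups from application servers for names outside an expected set and lists the requests that reached that server just before. The log formats, addresses, domain names and the 5-second window are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample data. Resolver log: time, client address, queried name.
DNS_LOG = """\
2024-01-05T14:02:11Z 10.0.1.15 db.internal.example
2024-01-05T14:02:13Z 10.0.1.15 x7f3.probe.example.net
2024-01-05T14:02:40Z 10.0.9.77 news.example.org
2024-01-05T14:05:02Z 10.0.1.16 api.payments.example
"""
# Constructed application access log: time, server, source address, request.
APP_LOG = """\
2024-01-05T14:02:12Z 10.0.1.15 203.0.113.9 POST /login
2024-01-05T14:01:00Z 10.0.1.15 198.51.100.4 GET /health
2024-01-05T14:05:01Z 10.0.1.16 198.51.100.4 POST /login
"""
APP_SERVERS = {"10.0.1.15", "10.0.1.16"}                 # assumed inventory
ALLOWED_SUFFIXES = {"internal.example", "payments.example"}  # assumed allowlist

def parse(log, fields):
    """Split each line into a timestamp plus (fields - 1) text columns."""
    rows = []
    for line in log.splitlines():
        parts = line.split(maxsplit=fields - 1)
        if len(parts) != fields:
            continue  # skip blank or malformed lines
        ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%SZ")
        rows.append((ts, *parts[1:]))
    return rows

def allowed(name, suffixes):
    """Match on a label boundary so 'notinternal.example' is not allowed."""
    name = name.lower().rstrip(".")
    return any(name == s or name.endswith("." + s) for s in suffixes)

def unexpected_lookups(dns_log, app_log, servers, suffixes, window=5):
    """Return lookups by app servers for non-allowlisted names, each with
    the requests that hit the same server in the preceding `window` seconds."""
    requests = parse(app_log, 4)
    findings = []
    for ts, client, name in parse(dns_log, 3):
        if client not in servers or allowed(name, suffixes):
            continue
        lo = ts - timedelta(seconds=window)
        near = [(src, req) for rts, srv, src, req in requests
                if srv == client and lo <= rts <= ts]
        findings.append({"time": ts, "server": client, "name": name, "requests": near})
    return findings

if __name__ == "__main__":
    for f in unexpected_lookups(DNS_LOG, APP_LOG, APP_SERVERS, ALLOWED_SUFFIXES):
        print(f["time"].isoformat(), f["server"], f["name"], f["requests"])
```

A finding here shows only that a lookup happened, which matches the article's point that the lookup alone does not prove code execution is possible.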

While the images show the services responding in unintended and potentially dangerous ways to the user input, the services aren’t automatically vulnerable to the types of code-execution attacks that compromised Minecraft servers. That’s because these services typically have multiple layers of defense. If one layer fails, additional layers are often available to lessen or completely eliminate any real damage.

Then again, the images demonstrate that unauthorized people can exploit Log4Shell to access the servers of some of the world’s most powerful corporations in ways they never intended. Asked about the access to Apple servers, Malwarebytes director of Mac offerings Thomas Reed said: “This is far worse than if individual devices were vulnerable, and I think it’s an open question at this point exactly what kind of data attackers are probably pulling from Apple’s services as we speak.” Apple representatives didn’t respond to an email seeking comment.

Cloudflare, meanwhile, said in a post that it has taken steps to block attacks on its network and against its customers. Cloudflare Chief Security Officer Joe Sullivan said his team has been unable to reproduce the behavior depicted in the image and doesn’t recognize the IP addresses shown.

Minecraft on Friday rolled out a fix.

The takeaway is that it’s too early now to say these services aren’t vulnerable. For the time being, people should remain wary and await guidance from affected providers.

Listing image by Jeffrey Coolidge / Getty Images
