hivepro, HiveForce Lab, HIVEPRO:28A01D4CBC8A05BECFBA17B5AF4793F1
Nov 17, 2022 - 12:28 p.m.

Iranian hackers leveraged Log4Shell to penetrate US federal agency

2022-11-17 12:28:57
HiveForce Lab
www.hivepro.com
iranian
log4shell
vmware
crypto mining
state-sponsored actor
fox kitten
threat research

EPSS: 0.967
Percentile: 99.7%

Threat Level Attack Report

For a detailed threat advisory, download the PDF file here.

Summary

Iranian APT activity was detected on the networks of federal agencies. The intruders used an exploit targeting Log4Shell (CVE-2021-44228) to install XMRig crypto mining software on an unpatched VMware Horizon server. Because of the similarity in the tools used and the attack chain, the Hive Pro threat research team has linked the activity to the Iranian state-sponsored actor Fox Kitten.