Ransomware attack against Ultimate Kronos Group might result in weeks of downtime for HR solutions
December 13, 2021
IT systems of McMenamins taken down after Conti ransomware gang
December 16, 2021

Minecraft releases an emergency security update after observations of log4j exploits being used against Minecraft servers

On Friday 10th of December 2021, Mojang Studios, the Swedish video game developer behind Minecraft has released an emergency security update to address the bug CVE-2021-44228 in the Apache Log4j Java logging library which is used by Minecraft’s Java Edition client and multiplayer servers. Microsoft has warned all admins to immediately install the latest Minecraft server updates to defend them against any attacks that use the log4j exploits and asks players to only connect to trusted Minecraft servers.

“In these cases, an adversary sends a malicious in-game message to a vulnerable Minecraft server, which exploits CVE-2021-44228 to retrieve and execute an attacker-hosted payload on both the server and on connected vulnerable clients.”- Microsoft.

Microsoft 365 Defender Threat Intelligence Team and the Microsoft Threat Intelligence Center (MSTIC) has observed PowerShell-based reverse shells being deployed where Log4j exploits targeting Minecraft servers were used as the entry points. And it has also been observed that the Khonsari ransomware also uses the log4j bug to by being executed in the context of javaw.exe to ransom devices.

Leave a Reply

Your email address will not be published. Required fields are marked *