Temporary fix: JAVA_OPTS = "- Dlog4j.formatMsgNoLookups = true" Here are examples of what's vulnerable (From Cloudflare and Apple to minecraft servers).
Açık Pzt, Ara 13, 2021 13:54, zeynepaydogan <[email protected]> yazdı: > Kinsing backdoor happily addressed the vulnerability: The malware cleans the > device from competitors and starts mining. Other miner loaders also appear. > They even throw a grumbling Cobalt Strike at victims via log4j. A good set of > tools for pentest, because of the crack it turns into a very real observer of > the network and a backdoor for reloading any code. > > Açık Pzt, Ara 13, 2021 12:38, zeynepaydogan <[email protected]> > yazdı: > >> Malware using LOG4J exploit:) >> >> Açık Pzt, Ara 13, 2021 12:11, zeynepaydogan <[email protected]> >> yazdı: >> >>> Password: infected
