The Log4j vulnerability is being exploited in proxyjacking campaigns, where hackers install proxyware to resell victims’ bandwidth. Sysdig’s Threat Research Team identified the technique and reports 23,000 unpatched systems remain vulnerable. Proxyjacking abuses services that allow clients to resell unused bandwidth, then repackages it to a range of customers. The attackers can earn around $220,000 a month from the exploitation. While minor, it can cost the victims if their bandwidth is used for illegal tasks.
Cyber defenders need to remember their adversaries are human, says Trellix research head
Nation-state actors and cybercriminals are increasingly overlapping, but they are still human and prone to errors. This vulnerability can be exploited, highlighting the importance of
